问题:

403 Access Denied

You are not authorized to view this page.

If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction's HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.

If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.

For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.

<role rolename="manager-gui"/>

<user username="tomcat" password="s3cret" roles="manager-gui"/>

Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.

manager-gui - allows access to the HTML GUI and the status pages

manager-script - allows access to the text interface and the status pages

manager-jmx - allows access to the JMX proxy and the status pages

manager-status - allows access to the status pages only

The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:

Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.

If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.

tomcat-users.xml配置内容为:

<!--

  <role rolename="tomcat"/>

  <role rolename="role1"/>

  <user username="tomcat" password="tomcat" roles="tomcat"/>

  <user username="both" password="tomcat" roles="tomcat,role1"/>

  <user username="role1" password="tomcat" roles="role1"/>

-->

     <user username="admin" password="admin" roles="manager"/> 

</tomcat-users>

解决方案:

<user username="admin" password="admin" roles="manager"/>改为:

<user username="admin" password="admin" roles="manager-gui"/>即可。

原因是tomcat8中role已经manager换为manager-gui了。

Tomcat8访问管理页面localhost出现:403 Access Denied的更多相关文章

  1. tomcat访问管理页面出现:403 Access Denied 解决方法

    点击红色框框出现以下403错误 打开context.xml文件 vim /usr/local/tomcat/webapps/manager/META-INF/context.xml <Conte ...

  2. 访问nginx-php页面的时候 报access denied.

    访问页面的时候出现这个时access denied 只需到/usr/local/php/etc/php.ini中修改一下 把这个注释掉 ;open_basedir =  把这个值赋值为1  cgi.f ...

  3. Linux Tomcat8 访问管理页面 403 Access Denied

    http://blog.csdn.net/u012167045/article/details/61624226 1:修改conf/tomcat-users.xml配置文件 2:vi /usr/loc ...

  4. tomcat8 管理页面403 Access Denied的解决方法

      安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件 ...

  5. tomcat管理页面403 Access Denied的解决方法

    安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件里面 ...

  6. JavaWeb——tomcat manager 403 Access Denied .You are not authorized to view this page.

    403 Access Denied You are not authorized to view this page. If you have already configured the Manag ...

  7. Tomcat 9.0 配置问题 403 Access Denied

    tomcat9.0 管理页面如:http://10.10.10.10:8080/manager/html出现如下错误: 403 Access Denied 1.需要配置: Tomcat/conf/to ...

  8. Tomcat的Manager显示403 Access Denied

    管理tomcat的时候遇到了以下问题: 1.刚开始需要用户名密码,不知道用户名和密码是什么,但是输入什么都不正确. 解决办法: 自己在tomcat-users.xml中按格式添加用户 conf文件夹里 ...

  9. mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user 'root'@'localhost' (using password: YES)'

    就当作自己忘记Mysql密码把,忘记密码的解决方法 一.mysql登录错误mysqladmin: connect to server at 'localhost' failederror: 'Acce ...

随机推荐

  1. IOS Socket 03-建立连接与登录

    1. 搭建python服务器 这里我们用到python服务器Socket Server.如何运行Server?下面介绍 1)通过百度云下载文件 http://pan.baidu.com/s/1i5yb ...

  2. 爱上MVC~一个Action多套View模版的设计

    回到目录 模块化 这个问题是在做模块化设计时出现的,在Lind.DDD.Plugins模块里,需要对应的模块实体,模块管理者,模块标识接口等,开发时,如果你的功能点属于一个模块,需要实现IPlugin ...

  3. Atitit  代理与分销系统(1)  子代理 充值总额功能设计概览 sum() groubpy subagt

    Atitit  代理与分销系统(1)  子代理 充值总额功能设计概览 sum() groubpy subagt Keyword 分组与聚合操作. 一个for做分组...里面的做聚合... 数据g操作查 ...

  4. 使用JSExcelXML.js导出Excel模板

      github地址:https://github.com/464884492/JSExcelXml 业务系统显示效果图 导出模板图 功能描述    世间万物总是相生相克,既然我们的客户要求有导出Ex ...

  5. Python - 动手写个ORM

    Python - 动手写个ORM 任务: 模拟简单的ORM - Object Relational Mapping 为model添加create方法 代码很简单,直接上 字段类型类 class Fie ...

  6. XML学习笔记2——DTD

    在上一篇笔记中,将文档类型分类时,曾经根据文档是否使用并遵守了DTD或Schema来区分为格式良好的XML和有效的XML,那么什么是DTD和Schema呢?DTD和Schema都是用来规范XML文档的 ...

  7. C#委托(delegate)

    C#中委托(delegate)是一种安全地封装方法的类型,委托是面向对象的.类型安全的. 使用委托的步骤: 1.声明委托 public delegate void DelegateHandler(st ...

  8. javascript类型系统——布尔Boolean类型

    × 目录 [1]定义 [2]应用场景 [3]转为布尔[4]实例方法 前面的话 布尔值Boolean类型可能是三种包装对象Number.String和Boolean中最简单的一种.Number和Stri ...

  9. javase基础复习攻略《八》

    进入第八篇,我们开始讨论JAVA的IO初步.在JAVA程序中,对数据的输入\输出操作以"流"(stream)方式进行,J2SDK提供了各种各样的"流"类,用于获 ...

  10. hdu1962Corporative Network带权回路

    /* 有N个企业,每个企业想要实现通信,要用线路来连接,线路的长度为abs(a-b)%1000; 如果企业a 链接到了企业b 那么b就是the center of the serving! 然后有两种 ...