问题:

403 Access Denied

You are not authorized to view this page.

If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction's HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.

If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.

For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.

<role rolename="manager-gui"/>
<user username="tomcat" password="s3cret" roles="manager-gui"/>
Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access. manager-gui - allows access to the HTML GUI and the status pages
manager-script - allows access to the text interface and the status pages
manager-jmx - allows access to the JMX proxy and the status pages
manager-status - allows access to the status pages only
The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection: Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.
If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.

tomcat-users.xml配置内容为:

<!--
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="role1" password="tomcat" roles="role1"/>
-->
<user username="admin" password="admin" roles="manager"/> </tomcat-users>

解决方案:

<user username="admin" password="admin" roles="manager"/>改为:

<user username="admin" password="admin" roles="manager-gui"/>即可。

原因是tomcat8中role已经manager换为manager-gui了。

Tomcat8访问管理页面localhost出现:403 Access Denied的更多相关文章

  1. tomcat访问管理页面出现:403 Access Denied 解决方法

    点击红色框框出现以下403错误 打开context.xml文件 vim /usr/local/tomcat/webapps/manager/META-INF/context.xml <Conte ...

  2. 访问nginx-php页面的时候 报access denied.

    访问页面的时候出现这个时access denied 只需到/usr/local/php/etc/php.ini中修改一下 把这个注释掉 ;open_basedir =  把这个值赋值为1  cgi.f ...

  3. Linux Tomcat8 访问管理页面 403 Access Denied

    http://blog.csdn.net/u012167045/article/details/61624226 1:修改conf/tomcat-users.xml配置文件 2:vi /usr/loc ...

  4. tomcat8 管理页面403 Access Denied的解决方法

      安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件 ...

  5. tomcat管理页面403 Access Denied的解决方法

    安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件里面 ...

  6. JavaWeb——tomcat manager 403 Access Denied .You are not authorized to view this page.

    403 Access Denied You are not authorized to view this page. If you have already configured the Manag ...

  7. Tomcat 9.0 配置问题 403 Access Denied

    tomcat9.0 管理页面如:http://10.10.10.10:8080/manager/html出现如下错误: 403 Access Denied 1.需要配置: Tomcat/conf/to ...

  8. Tomcat的Manager显示403 Access Denied

    管理tomcat的时候遇到了以下问题: 1.刚开始需要用户名密码,不知道用户名和密码是什么,但是输入什么都不正确. 解决办法: 自己在tomcat-users.xml中按格式添加用户 conf文件夹里 ...

  9. mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user 'root'@'localhost' (using password: YES)'

    就当作自己忘记Mysql密码把,忘记密码的解决方法 一.mysql登录错误mysqladmin: connect to server at 'localhost' failederror: 'Acce ...

随机推荐

  1. IBatisNet:让insert操作返回新增记录的主键值

    项目引用ibatis包: IBatisNet.Common.dll --文件版本1.6.2.0 IBatisNet.DataAccess.dll IBatisNet.DataMapper.dll 项目 ...

  2. 学习ASP.NET MVC(五)——我的第一个ASP.NET MVC CURD页面

    在上一篇文章中我们已经创建了实体类,在这一篇文章中,我将创建一个新的控制器类——BookController,使用BookController对Books表中的数据进行CURD操作的方法,并使用视图模 ...

  3. Liferay7 BPM门户开发之45: 集成Activiti文件上传部署流程BPMN模型

    开发文件上传,部署流程模板. 首先,开发jsp页面,deploy.jsp <%@ include file="/init.jsp" %> <h3>${RET ...

  4. input---checked小问题

    想必有很多做前端同学都遇到了这么一个问题. 那就是checkbox.那就是我们通过jquery设置选中的时候,发现checked属性已经设置上去了 但是选中的样式却没有. 我们做一个简单的测试:看下面 ...

  5. MVVM模式下,ViewModel和View,Model有什么区别

    摘自正美的5群 Model:很简单,就是业务逻辑相关的数据对象,通常从数据库映射而来,我们可以说是与数据库对应的model. View:也很简单,就是展现出来的用户界面. 基本上,绝大多数软件所做的工 ...

  6. 数据可视化(1)--Chart.js

    Chart.js是一个HTML5图表库,使用canvas元素来展示各式各样的客户端图表,支持折线图.柱形图.雷达图.饼图.环形图等.在每种图表中,还包含了大量的自定义选项,包括动画展示形式. Char ...

  7. Python编码问题整理

    认识常见编码 GB2312是中国规定的汉字编码,也可以说是简体中文的字符集编码 GBK 是 GB2312的扩展 ,除了兼容GB2312外,它还能显示繁体中文,还有日文的假名 cp936:中文本地系统是 ...

  8. 赞!15个来自 CodePen 的酷炫 CSS 动画效果

    CodePen 是一个在线的前端代码编辑和展示网站,能够编写代码并即时预览效果.你在上面可以在线分享自己的 Web 作品,也可以欣赏到世界各地的优秀开发者在网页中实现的各种令人惊奇的效果. 今天这篇文 ...

  9. 【模式匹配】Aho-Corasick自动机

    1. 多模匹配 AC自动机(Aho-Corasick Automaton)是多模匹配算法的一种.所谓多模匹配,是指在字符串匹配中,模式串有多个.前面所介绍的KMP.BM为单模匹配,即模式串只有一个.假 ...

  10. 关于WEB Service&WCF&WebApi实现身份验证之WCF篇(1)

    WCF身份验证一般常见的方式有:自定义用户名及密码验证.X509证书验证.ASP.NET成员资格(membership)验证.SOAP Header验证.Windows集成验证.WCF身份验证服务(A ...