403 Access Denied

You are not authorized to view this page.

If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction’s HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.

If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.

For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.

Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.

manager-gui - allows access to the HTML GUI and the status pages
manager-script - allows access to the text interface and the status pages
manager-jmx - allows access to the JMX proxy and the status pages
manager-status - allows access to the status pages only
The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:

Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.
If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.

一般遇到此问题的解决方案是:
D:\tomcat-8.5.34\conf/tomcat-users.xml
在此文件中添加用户和角色:

但是tomcat8.5 更改之后,仍然访问拒绝。

还需步骤如下:
D:\tomcat-8.5.34/webapps/manager/META-INF/context.xml

备注:将
Valve className=”org.apache.catalina.valves.RemoteAddrValve”
allow=”127.\d+.\d+.\d+|::1|0:0:0:0:0:0:0:1” /> 注解掉。

之后就可以访问 localhost:8080/manager/html页面

JavaWeb——tomcat manager 403 Access Denied .You are not authorized to view this page.的更多相关文章

  1. tomcat在浏览器输入用户名和密码后报错Tomcat Manager App--403 Access Denied You are not authorized to view this page

    报错截图:Tomcat Manager App--403 Access Denied You are not authorized to view this page 解决办法: 1.关闭Tomcat ...

  2. Tomcat8访问管理页面localhost出现:403 Access Denied

    问题: Access Denied You are not authorized to view this page. If you have already configured the Manag ...

  3. Tomcat的Manager显示403 Access Denied

    管理tomcat的时候遇到了以下问题: 1.刚开始需要用户名密码,不知道用户名和密码是什么,但是输入什么都不正确. 解决办法: 自己在tomcat-users.xml中按格式添加用户 conf文件夹里 ...

  4. Tomcat 9.0 配置问题 403 Access Denied

    tomcat9.0 管理页面如:http://10.10.10.10:8080/manager/html出现如下错误: 403 Access Denied 1.需要配置: Tomcat/conf/to ...

  5. tomcat管理页面403 Access Denied的解决方法

    安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件里面 ...

  6. tomcat8 管理页面403 Access Denied的解决方法

      安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件 ...

  7. linux 访问tomcat 管理页面时 You are not authorized to view this page 403(真实可用)

    ava代码 收藏代码 You are not authorized to view this page. If you have not changed any configuration files ...

  8. 运行JavaWeb项目报错Access denied for user 'root'@'localhost' (using password: YES)

    问题重现:(以下讨论范围仅限Windows环境): C:\AppServ\MySQL> mysql -u root -p Enter password: ERROR 1045 (28000):  ...

  9. 403 Access Denied :进入Tomcat的manager时拒绝访问

    解决办法: https://blog.csdn.net/Hello_World_QWP/article/details/79581174

随机推荐

  1. Linux c 获取cpu使用率

    部分代码改编自来自http://blog.csdn.net/primeprime/article/details/41458731 主要的原理就是获取top -n 1 | grep Cpu执行的结果, ...

  2. HTML5⑥

    <!DOCTYPE html> <html> <head lang="en"> <meta charset="UTF-8&quo ...

  3. chrome扩展应用实例

    chrome extensions 基本组成,唯一必要的文件就是manifest.json这个应用的配置清单 manifest.json中前三个参数为必要参数,其他的可选: { "name ...

  4. 查看shell 命令 路径

    type [root@web01 ~]# type mount mount is /bin/mount which [root@web01 ~]# type ifconfig ifconfig is ...

  5. Unable to load DLL 'api-ms-win-core-localization-l1-2-0.dll': 找不到指定的模块

    asp.net mvc 4.6 发布到WinServer2008R2 SP1 提示 错误 Unable to load DLL 'api-ms-win-core-localization-l1-2-0 ...

  6. React项目新手指南

    对于程序员而言:驼峰和下划线之间是一场宗派战争:大括号是否换行会成为一种党派:逗号写在行尾还是行首的人来自不同星球…… 然而,无规矩不成方圆,任何一个团队,要想有高质量的产出,第一步必须要对一些基本的 ...

  7. Layer For Mobile 弹窗 input输入文字后,点击取消确定按钮失效(需点击两次)

    webapp中使用Layer For Mobile弹出弹窗,修改昵称输入文字后,ios手机中,如果不先点击收起键盘,两个按钮点击之后无效... 两个按钮的方法是写在这里的——> 最后只能吧点击按 ...

  8. 基于Verilog的按键检测实验

    一.模块框图及基本思路 detect_module:检测按键输入脚的电平边沿变化 delay_10ms_module:延时消抖,输出按键有效信号 debounce_module:前两个模块的组合模块 ...

  9. Python 进程池的异步方法

    import time from multiprocessing import Process,Pool def f1(n): time.sleep(0.5) # print(n) return n* ...

  10. Python 测试多进程的时间

    import time from multiprocessing import Process def f1(): time.sleep(2) print("子进程1号") def ...