403 Access Denied

You are not authorized to view this page.

If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction’s HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.

If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.

For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.

Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.

manager-gui - allows access to the HTML GUI and the status pages
manager-script - allows access to the text interface and the status pages
manager-jmx - allows access to the JMX proxy and the status pages
manager-status - allows access to the status pages only
The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:

Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.
If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.

一般遇到此问题的解决方案是:
D:\tomcat-8.5.34\conf/tomcat-users.xml
在此文件中添加用户和角色:

但是tomcat8.5 更改之后,仍然访问拒绝。

还需步骤如下:
D:\tomcat-8.5.34/webapps/manager/META-INF/context.xml

备注:将
Valve className=”org.apache.catalina.valves.RemoteAddrValve”
allow=”127.\d+.\d+.\d+|::1|0:0:0:0:0:0:0:1” /> 注解掉。

之后就可以访问 localhost:8080/manager/html页面

JavaWeb——tomcat manager 403 Access Denied .You are not authorized to view this page.的更多相关文章

  1. tomcat在浏览器输入用户名和密码后报错Tomcat Manager App--403 Access Denied You are not authorized to view this page

    报错截图:Tomcat Manager App--403 Access Denied You are not authorized to view this page 解决办法: 1.关闭Tomcat ...

  2. Tomcat8访问管理页面localhost出现:403 Access Denied

    问题: Access Denied You are not authorized to view this page. If you have already configured the Manag ...

  3. Tomcat的Manager显示403 Access Denied

    管理tomcat的时候遇到了以下问题: 1.刚开始需要用户名密码,不知道用户名和密码是什么,但是输入什么都不正确. 解决办法: 自己在tomcat-users.xml中按格式添加用户 conf文件夹里 ...

  4. Tomcat 9.0 配置问题 403 Access Denied

    tomcat9.0 管理页面如:http://10.10.10.10:8080/manager/html出现如下错误: 403 Access Denied 1.需要配置: Tomcat/conf/to ...

  5. tomcat管理页面403 Access Denied的解决方法

    安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件里面 ...

  6. tomcat8 管理页面403 Access Denied的解决方法

      安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件 ...

  7. linux 访问tomcat 管理页面时 You are not authorized to view this page 403(真实可用)

    ava代码 收藏代码 You are not authorized to view this page. If you have not changed any configuration files ...

  8. 运行JavaWeb项目报错Access denied for user 'root'@'localhost' (using password: YES)

    问题重现:(以下讨论范围仅限Windows环境): C:\AppServ\MySQL> mysql -u root -p Enter password: ERROR 1045 (28000):  ...

  9. 403 Access Denied :进入Tomcat的manager时拒绝访问

    解决办法: https://blog.csdn.net/Hello_World_QWP/article/details/79581174

随机推荐

  1. Android 音视频深入 十五 FFmpeg 推流mp4文件(附源码下载)

    源码地址https://github.com/979451341/Rtmp 1.配置RTMP服务器 这个我不多说贴两个博客分别是在mac和windows环境上的,大家跟着弄 MAC搭建RTMP服务器h ...

  2. 谈谈我对Linux系统学习的历程回顾

    ​​众所周知,Windows 和Linux 是目前最流行的2个操作系统.Windows系统适合普通用户,它的优势是图形化界面,简单易用,使用起来门槛很低,很容易上手,所以,windows占有了大多数普 ...

  3. ORA-12638: 身份证明检索失败的解决方法

    本地oracle客户端用PLSQL Developer连接远程数据库,每次登录都会在很久之后,出现 ORA-12638: 身份证明检索失败,tnsping 表明TNS配置没有问题. 解决方案: D:\ ...

  4. flask-session 在redis中存储session

    依赖: Flask Flask-Session redis import os from flask import Flask, session, request from flask_session ...

  5. python语法之函数

    函数: 将特定功能代码编写在一个函数里 便于阅读和复用 对一组表达特定功能表达式的封装 使程序模块化 python内置函数: input(),print(),eval()... 函数定义 函数语法格式 ...

  6. Netty的ByteToMessageDecoder/LengthFieldBasedFrameDecoder

    是个inbound handler,channelRead方法里面,用一个bytebuf(cumulation)来把下一个数据包和当前这一个拼在一起,以免同一个请求被拆包.然后callDecode,里 ...

  7. CodeForces - 589B(暴力+排序)

    Dasha decided to bake a big and tasty layer cake. In order to do that she went shopping and bought n ...

  8. 关于使用JPA中@Query注解传递表名/视图名参数的问题

    因碰到需要动态查询不同视图的结果,自己尝试使用@Query注解中传递视图名称参数: @Query("select * from ?1") List<Object> ge ...

  9. JAVA高级篇(一、JVM基本概念)

    一.什么是JVM VM的中文名称叫Java虚拟机,它是由软件技术模拟出计算机运行的一个虚拟的计算机. JVM也充当着一个翻译官的角色,我们编写出的Java程序,是不能够被操作系统所直接识别的,这时候J ...

  10. too many open files(打开的文件过多)解决方法

    https://blog.csdn.net/roy_70/article/details/78423880 版权声明:本文为博主原创文章,未经博主允许不得转载. https://blog.csdn.n ...