问题:

403 Access Denied

You are not authorized to view this page.

If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction's HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.

If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.

For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.

<role rolename="manager-gui"/>

<user username="tomcat" password="s3cret" roles="manager-gui"/>

Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.

manager-gui - allows access to the HTML GUI and the status pages

manager-script - allows access to the text interface and the status pages

manager-jmx - allows access to the JMX proxy and the status pages

manager-status - allows access to the status pages only

The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:

Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.

If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.

tomcat-users.xml配置内容为:

<!--

  <role rolename="tomcat"/>

  <role rolename="role1"/>

  <user username="tomcat" password="tomcat" roles="tomcat"/>

  <user username="both" password="tomcat" roles="tomcat,role1"/>

  <user username="role1" password="tomcat" roles="role1"/>

-->

     <user username="admin" password="admin" roles="manager"/> 

</tomcat-users>

解决方案:

<user username="admin" password="admin" roles="manager"/>改为:

<user username="admin" password="admin" roles="manager-gui"/>即可。

原因是tomcat8中role已经manager换为manager-gui了。

Tomcat8访问管理页面localhost出现:403 Access Denied的更多相关文章

  1. tomcat访问管理页面出现:403 Access Denied 解决方法

    点击红色框框出现以下403错误 打开context.xml文件 vim /usr/local/tomcat/webapps/manager/META-INF/context.xml <Conte ...

  2. 访问nginx-php页面的时候 报access denied.

    访问页面的时候出现这个时access denied 只需到/usr/local/php/etc/php.ini中修改一下 把这个注释掉 ;open_basedir =  把这个值赋值为1  cgi.f ...

  3. Linux Tomcat8 访问管理页面 403 Access Denied

    http://blog.csdn.net/u012167045/article/details/61624226 1:修改conf/tomcat-users.xml配置文件 2:vi /usr/loc ...

  4. tomcat8 管理页面403 Access Denied的解决方法

      安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件 ...

  5. tomcat管理页面403 Access Denied的解决方法

    安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件里面 ...

  6. JavaWeb——tomcat manager 403 Access Denied .You are not authorized to view this page.

    403 Access Denied You are not authorized to view this page. If you have already configured the Manag ...

  7. Tomcat 9.0 配置问题 403 Access Denied

    tomcat9.0 管理页面如:http://10.10.10.10:8080/manager/html出现如下错误: 403 Access Denied 1.需要配置: Tomcat/conf/to ...

  8. Tomcat的Manager显示403 Access Denied

    管理tomcat的时候遇到了以下问题: 1.刚开始需要用户名密码,不知道用户名和密码是什么,但是输入什么都不正确. 解决办法: 自己在tomcat-users.xml中按格式添加用户 conf文件夹里 ...

  9. mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user 'root'@'localhost' (using password: YES)'

    就当作自己忘记Mysql密码把,忘记密码的解决方法 一.mysql登录错误mysqladmin: connect to server at 'localhost' failederror: 'Acce ...

随机推荐

  1. 十分钟搞定CSS选择器

    在最近的web开发中是不是就会用到一些选择器,发现很多尤其是CSS3新增的不太熟悉,在此总结一下. 优先级 不同级别 1. 在属性后面使用 !important 会覆盖页面内任何位置定义的元素样式. ...

  2. KindEditor编辑器For DotNet控件

    KindEditor很不错,刚接触不久,非常喜欢.KindEditor网站有ForPHP等扩展的,没有ForNet的. 我是搞.net开发的,就用它简单封装了一个控件,拖过来即可使用,使用更加简单.源 ...

  3. CSS折行小记

    最近项目中遇到字段内容过长的显示问题. 后来在网上找了资料,http://www.php100.com/html/webkaifa/DIV_CSS/2009/0416/2453.html  用了td( ...

  4. swagger:The World's Most Popular Framework for APIs.

    swagger官网:http://swagger.io/ swagger ui demo:http://petstore.swagger.io 让API文档总是与API定义同步更新,是一件非常有价值的 ...

  5. Atitit 知识图谱解决方案:提供完整知识体系架构的搜索与知识结果overview

    Atitit 知识图谱解决方案:提供完整知识体系架构的搜索与知识结果overview   知识图谱的表示和在搜索中的展1 提升Google搜索效果3 1.找到最想要的信息.3 2.提供最全面的摘要.4 ...

  6. DOM_05之DOM、BOM常用对象

    1.HTML DOM常用对象之Table:①创建:createTHead():createTBody():createTFoot():②删除:deleteTHead():deleteTFoot():③ ...

  7. Unity5.x在WP8.1中无法使用Reflection API的解决方法

    下班前随便写点,虽然花了不少时间但是最终得到的解决方法还是比较简单的. 第一种方法:使用WinRTLegacy.dll中的类.这个dll在生成的WP project中是自带的无需在unity工程中添加 ...

  8. SAP Business One系统功能介绍

    SAP Business One(简称SAP B One)是一套价格合理.易于实施的综合业务管理解决方案.该解决方案专为中小型企业量身打造,可确保实现公司发展.提高可盈利性和控制力度以及实现业务流程的 ...

  9. Design3:使用HierarchyID构建数据的分层结构

    1,传统的分层结构是父子结构,表结构中有一个ParentID字段自引用表的主键,表示“归属”关系,例如 create table dbo.emph ( ID int not null primary ...

  10. Oracle 11g系列:SQL Plus与PL/SQL

    SQL Plus是Oracle提供的一种用户接口,是数据库与用户之间进行交互的工具. PL/SQL是Oracle的过程化编程语言. 1.登录SQL Plus 利用Windows的[开始]|[运行]命令 ...