问题:

403 Access Denied

You are not authorized to view this page.

If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction's HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.

If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.

For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.

<role rolename="manager-gui"/>

<user username="tomcat" password="s3cret" roles="manager-gui"/>

Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.

manager-gui - allows access to the HTML GUI and the status pages

manager-script - allows access to the text interface and the status pages

manager-jmx - allows access to the JMX proxy and the status pages

manager-status - allows access to the status pages only

The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:

Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.

If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.

tomcat-users.xml配置内容为:

<!--

  <role rolename="tomcat"/>

  <role rolename="role1"/>

  <user username="tomcat" password="tomcat" roles="tomcat"/>

  <user username="both" password="tomcat" roles="tomcat,role1"/>

  <user username="role1" password="tomcat" roles="role1"/>

-->

     <user username="admin" password="admin" roles="manager"/> 

</tomcat-users>

解决方案:

<user username="admin" password="admin" roles="manager"/>改为:

<user username="admin" password="admin" roles="manager-gui"/>即可。

原因是tomcat8中role已经manager换为manager-gui了。

Tomcat8访问管理页面localhost出现:403 Access Denied的更多相关文章

  1. tomcat访问管理页面出现:403 Access Denied 解决方法

    点击红色框框出现以下403错误 打开context.xml文件 vim /usr/local/tomcat/webapps/manager/META-INF/context.xml <Conte ...

  2. 访问nginx-php页面的时候 报access denied.

    访问页面的时候出现这个时access denied 只需到/usr/local/php/etc/php.ini中修改一下 把这个注释掉 ;open_basedir =  把这个值赋值为1  cgi.f ...

  3. Linux Tomcat8 访问管理页面 403 Access Denied

    http://blog.csdn.net/u012167045/article/details/61624226 1:修改conf/tomcat-users.xml配置文件 2:vi /usr/loc ...

  4. tomcat8 管理页面403 Access Denied的解决方法

      安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件 ...

  5. tomcat管理页面403 Access Denied的解决方法

    安装tomcat,配置好tomcat环境变量以后,访问manager app页面,出现403 Access Denied错误,解决的方法如下: 首先在conf/tomcat-users.xml文件里面 ...

  6. JavaWeb——tomcat manager 403 Access Denied .You are not authorized to view this page.

    403 Access Denied You are not authorized to view this page. If you have already configured the Manag ...

  7. Tomcat 9.0 配置问题 403 Access Denied

    tomcat9.0 管理页面如:http://10.10.10.10:8080/manager/html出现如下错误: 403 Access Denied 1.需要配置: Tomcat/conf/to ...

  8. Tomcat的Manager显示403 Access Denied

    管理tomcat的时候遇到了以下问题: 1.刚开始需要用户名密码,不知道用户名和密码是什么,但是输入什么都不正确. 解决办法: 自己在tomcat-users.xml中按格式添加用户 conf文件夹里 ...

  9. mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user 'root'@'localhost' (using password: YES)'

    就当作自己忘记Mysql密码把,忘记密码的解决方法 一.mysql登录错误mysqladmin: connect to server at 'localhost' failederror: 'Acce ...

随机推荐

  1. querySelector和querySelectorAll

    jQuery被开发者如此的青睐和它强大的选择器有很大关系,比起笨重的document.getElementById.document.getElementByName… ,查找元素很方便,其实W3C中 ...

  2. jetty

    相关的文章太多了,我只按照自己的意思做简单总结. 参见: http://www.cnblogs.com/duanxz/p/3154982.html http://www.cnblogs.com/win ...

  3. Java基础之String、StringBuffer、StringBuilder

    1:String类:字符串(重点) (1)多个字符组成的一个序列,叫字符串. 生活中很多数据的描述都采用的是字符串的.而且我们还会对其进行操作. 所以,java就提供了这样的一个类供我们使用. (2) ...

  4. 老学员的学习感悟 --prince2认证有什么用

    2007年一月,我加入了荷兰Irdeto(中国)有限公司.刚入公司,我就结识了PRINCE2(受控环境下的项目管理),才知道prince2是英国政府在政府项目中使用的项目管理标准.这一标准早已在欧洲广 ...

  5. Bootstrap~大叔封装的弹层

    回到目录 对于Bootstrap的弹层,插件有很多,今天主要用的是它自带的功能,通过bootstrap提供的模式窗口来实现的,而大叔主要对使用方法进行了封装,开发人员可以自己动态传入弹层的HTML内容 ...

  6. js笔记——理解js中的call及apply

    call及apply在js里经常碰得到,但一直感觉很陌生,不能熟练使用.怎样才能熟练应用呢? 为什么存在call和apply? 在javascript OOP中,我们经常会这样定义: function ...

  7. NFC:Arduino、Android与PhoneGap近场通信

    NFC:Arduino.Android与PhoneGap近场通信(第一本全面讲解NFC应用开发的技术著作移动智能设备近距离通信编程实战入门) [美]Tom Igoe(汤姆.伊戈),Don Colema ...

  8. hadoop安装遇到的各种异常及解决办法

    hadoop安装遇到的各种异常及解决办法 异常一: 2014-03-13 11:10:23,665 INFO org.apache.hadoop.ipc.Client: Retrying connec ...

  9. JSP网站开发基础总结《十》

    经过上一篇的介绍相信大家对JSP提供的过滤器一定有了一个概念,本篇我们就一起再来研究一下关于创建多个过滤器时,如果有两个以上过滤器的过滤规则相同,那么这些过滤器的执行顺序如何呢?答案是根据我们在web ...

  10. backbone库学习-model

    backbone库的结构: http://www.cnblogs.com/nuysoft/archive/2012/03/19/2404274.html 本文所有例子来自于http://blog.cs ...