-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Karl,
On 1/25/16 7:41 AM, Karl Hauschildt wrote: > Hmmm... It appears that the requests are coming in as the > tomcatadmin user which makes sense as that's what the deploy task > is configured to use. In this cased, the target box is Linux and > there is no tomcatadmin setup. When the sysadmin's get in ... Remember that the username used for HTTP authentication has no connection to system-level users. The username used in the Ant tasks to deploy your web applications only has to agree with those users you have configured in conf/tomcat-users.xml (on the target server where the manager app is actually running). Also remember that Tomcat won't re-load conf/tomcat-users.xml while it's running... you'll have to bounce Tomcat to pick-up any changes you make. Hope that helps, - -chris > On Mon, Jan 25, 2016 at 7:17 AM, Mark Thomas <ma...@apache.org> > wrote: > >> On 25/01/2016 12:02, Karl Hauschildt wrote: >>> Specifically what would I do to enable the logging? I raised >>> the level(s) to FINEST and DEBUG wherever I saw them at >>> something higher. Thanks again. >> >> http://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Access_Log_ Valve >> >> >> Mark >> >> >>> >>> On Mon, Jan 25, 2016 at 6:57 AM, Mark Thomas <ma...@apache.org> >>> wrote: >>> >>>> On 25/01/2016 11:42, Karl Hauschildt wrote: >>>>> Hi Mark: >>>>> >>>>> This is what I have in the tomcat-users.xml. And I've tried >>>>> pairing it >>>> down >>>>> to all the various combo's per suggestions in searches. >>>>> Behavior never changes. >>>>> >>>>> <role rolename="manager-gui"/> <role >>>>> rolename="manager-script"/> <role rolename="manager-jmx"/> >>>>> <role rolename="manager-status"/> <user >>>>> username="tomcatadmin" password="tomcatpwd" >>>>> roles="manager-gui,manager-script,manager-jmx,manager-status"/> >>>>> >>>>> >>>>> Thanks for taking the time to think about this. >>>> >>>> OK. Make sure you have actually removed all the XML comment >>>> markers from around those entries. >>>> >>>> Next, be aware that allocating the manager-gui and >>>> manager-script roles to the same user exposes you to CSRF >>>> attacks. Not necessarily an issue as long as you are a) aware >>>> and b) careful (i.e. if you connect to the manager gui don't >>>> do anything else in the same browser and close the browser >>>> completely when you are done. >>>> >>>> After that, I'd modify your access log configuration to log >>>> the name of the authenticated user and then see what it says >>>> when you try and >> deploy. >>>> >>>> Mark >>>> >>>> >>>>> >>>>> On Mon, Jan 25, 2016 at 2:41 AM, Mark Thomas >>>>> <m...@homeinbox.net> >> wrote: >>>>> >>>>>> On 24 January 2016 21:49:40 GMT+00:00, Karl Hauschildt < >>>>>> karl.hauschi...@gmail.com> wrote: >>>>>>> >>>>>>> >>>>>>> Background: >>>>>>> >>>>>>> JAVA Web application, Eclipse workspace with an ANT >>>>>>> build.xml. >>>>>>> >>>>>>> Using Windows, this project builds using java 1.7, >>>>>>> deploys to >> multiple >>>>>>> Solaris environments running Tomcat 5, 6 or 7 and runs >>>>>>> cleanly. >>>>>>> >>>>>>> >>>>>>> >>>>>>> I have to deploy the preceding to a Linux environment >>>>>>> with Tomcat 8. Which is running JAVA 1.8 >>>>>>> >>>>>>> >>>>>>> >>>>>>> Problem: >>>>>>> >>>>>>> The deploy task fails with: BUILD FAILED.... >>>>>>> java.io.IOException: >> Error >>>>>>> writing request body to server >>>>>>> >>>>>>> Looking in the Tomcat, localhost.log, I see: "PUT >>>>>>> /manager/deploy?path=%2FFXInSite&update=true HTTP/1.1" >>>>>>> 403 3196 >>>>>>> >>>>>>> The other logs contain no errors or warnings. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Investigations: >>>>>>> >>>>>>> I have set the Tomcat (catalina) logging levels to >>>>>>> DEBUG and FINEST. >>>>>>> >>>>>>> I can get into the tomcat and the manager on the same >>>>>>> port as what >> the >>>>>>> delpoyment uses. >>>>>>> >>>>>>> The user that Tomcat is running under ( not root ) has >>>>>>> full >> permissions >>>>>>> to all folders. >>>>>>> >>>>>>> I have compared the server.xml and web.xml >>>>>>> configuration files >> between >>>>>>> Linux and Solaris and they are essentially identical. >>>>>>> >>>>>>> Google searches for anything to do with ANT and the >>>>>>> delpoy task, >> Tomcat >>>>>>> 403 errors, permissions have been unsucessful. >>>>>>> >>>>>>> >>>>>>> >>>>>>> Thank you for your time and consideration. >>>>>> >>>>>> What user have you configured for the deploy task? >>>>>> >>>>>> What roles have you configured for that user? >>>>>> >>>>>> Mark >>>>>> >>>>>> >>>>>> >>>>>> ----------------------------------------------------------------- - ---- >>>>>> >>>>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>>>>> For additional commands, e-mail: >>>>>> users-h...@tomcat.apache.org >>>>>> >>>>>> >>>>> >>>> >>>> >>>> ------------------------------------------------------------------- - -- >>>> >>>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>>> For additional commands, e-mail: >>>> users-h...@tomcat.apache.org >>>> >>>> >>> >> >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> > -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlamr18ACgkQ9CaO5/Lv0PDqywCgpu2TFoXj3FXB6qocfqWnX26j 0mYAn1zCobDmGmUvU5J0Y3xEWjMyaNa4 =O+ZJ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
