Tomcat Manager keeps asking for Authentication

Sat, 22 Dec 2018 01:12:27 -0800 


I am running Netbean 8.2 and am trying to study a web project from github.

It was stated that certain pages are constrained by the Tomcat Role, in order 
to view the Admin panel.

So, what I did was to alter the Tomcat C:\Program Files\Apache Software 
Foundation\Apache Tomcat 8.0.27\conf\tomcat-user.xml

And here's what I added:

<tomcat-users>
    <role rolename="tomcat"/>
    <role rolename="role1"/>
    <role rolename="manager-gui"/>
    <user password="tomcat" roles="tomcat,manager-gui" username="tomcat"/>
    <user password="tomcat" roles="tomcat,role1" username="both"/>
    <user password="tomcat" roles="role1" username="role1"/>
    <user password="pass" roles="manager-script, administrator" username="me"/>
</tomcat-users>

Error message :
Deployment error: Access to Tomcat server has not been authorized. Set the 
correct username and password with the "manager-script" role in the Tomcat 
customizer in the Server Manager.
See the server log for details.

I also tried below but it can't work also.

<tomcat-users>
    <role rolename="tomcat"/>
    <role rolename="role1"/>
    <role rolename="administrator"/>
    <user password="tomcat" roles="tomcat,administrator" username="tomcat"/>
    <user password="tomcat" roles="tomcat,role1" username="both"/>
    <user password="tomcat" roles="role1" username="role1"/>
    <user password="pass" roles="manager-script, administrator" username="me"/>
</tomcat-users>

Here's the constraint that is imposed at the web.xml under WEB/INF:

 -- You can restrict access to admin pages by uncommenting the code below-->
   <security-role>
      <description>administrator of the website</description>
      <role-name>administrator</role-name>
   </security-role>
   <security-constraint>
      <web-resource-collection>
         <web-resource-name>Admin Login</web-resource-name>
         <url-pattern>/admin_panel/*</url-pattern>
         <url-pattern>/admin/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
         <role-name>administrator</role-name>
      </auth-constraint>
   </security-constraint>
   
   <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>Admin Login</realm-name>
   </login-config> -->

Please let me know what I have done wrong.

Tks.

Here's the screenshot of 
https://ibb.co/0V3CCcs

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to