Hello Enrico, I build an RPM from source file (https://archive.apache.org/dist/tomcat/tomcat-9/v%{version}/bin/apache-tomcat-%{version}.tar.gz) with manager application enabled.
In both tests I had installed the RPM fresh and generated the hash of password using /opt/tomcat/bin/digest.sh file. Strangely, I had failure with 9.0.30 as well. Btw, I'm installing the tomcat on CentOS 8.1 with jre1.8 (1.8.0_162). Please do let me know if you need any other information from my system. Thanks, Vishal -----Original Message----- From: Enrico Olivelli <eolive...@gmail.com> Sent: Thursday, February 27, 2020 5:11 AM To: Tomcat Users List <users@tomcat.apache.org> Subject: Re: /manager/text/list fails in 9.0.31, works in 9.0.27 I am investingating this issue with NetBeans and Tomcat 9.0.31 https://issues.apache.org/jira/browse/NETBEANS-3917 This problem report MAY be related, NetBeans is not able to list applications or to access the /manager/text API. It works well with 9.0.30. I will be back with news if it is a Tomcat issue or a NetBeans one. From Tomcat release notes I see nothing about a potential breakage. Using a fresh new untarred Tomcat 9.0.31 does not work. If I remove the "lib" directory and I replace it with the one from Tomcat 9.0.30 all works as expected. Regards Enrico Il giorno gio 27 feb 2020 alle ore 09:07 Mark Thomas <ma...@apache.org> ha scritto: > > On 26/02/2020 18:57, Vishal Agrawal wrote: > > Hello, > > > > I have manager endpoint enabled in my tomcat install. > > > > When I list the manager endoing in tomcat 9.0.31, I get a 401 > > Unauthorized error - > > > > curl -u tomcat:secret http://127.0.0.1:8080/manager/text/list > > > > <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" > > "http://www.w3.org/TR/html4/strict.dtd";> > > <html> > > <head> > > <title>401 Unauthorized</title> > > ... > > </html> > > > > > > However, when I call it in tomcat 9.0.27 it works as expected... > > > > curl -u tomcat:secret http://127.0.0.1:8080/manager/text/list in tomcat > > 9.0.27 it works as expected... > > OK - Listed applications for virtual host [localhost] > > /manager:running:0:manager > > > > The password is configured in tomcat-users.xml using the output from > > /opt/tomcat/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2f > > digest.sh&c=E,1,3tDk5vwY_zoM19PIwVKe3fyfwRAXV_7a8MrPXyx5XiQ5db4bmp89 > > IB1v74yX6cNBQO6ob5X1vfgWGe5Fe0T0DHm6eweKRmHiAyvxG_4cIwsd218AJPe3&typ > > o=1 -a sha-512 -h > > org.apache.catalina.realm.MessageDigestCredentialHandler secret > > secret:ca858d2d5c3e86702ed03b90b1808205a4dc795330deac90380dd3642bcab > > 92a$1$b5affd62902693d01f95bb8798b9c02982dbe58038d5e5064a77fa8a009515 > > 61cf63d5491a33d86fb2bee930335f3e3ceb324a8a8459d2966231392072ff4d82 > > > >> cat /opt/tomcat/conf/tomcat-users.xml > > ... > > <role rolename="manager-script"/> > > <user username="user1" > > password="7244776efd3bbf6f9a56dfdc6443f898d39b13623ea349929ecf66748cde0923$1$22aab528369d6c453adca7e4928fff24f77110d15bd2e9786554c2dcdf628847a88f9a459e8cec0c942545a83156ca737eb0edb700563d00f926cb8f29fc4d73" > > roles="manager-script"/> ... > > > > I compared the conf folders in both 9.0.27 and 9.0.31 and they appear to be > > identical. > > > > Can someone please help me what I may need to configure more? > > I've just tested the latest 9.0.x code and this works as expected for > me. There have been no code changes in this area since 9.0.31. > Further, I don't see anything likely to be relevant in the history > between 9.0.27 and 9.0.31. > > I've tested the "ca858..." and the "72447..." credential string above. > The "ca858..." string works. The "72447..." does not. Not sure what > went wrong but that incorrect credential string is the issue. > > Mark > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
