I just installed tomcat 9.0.37 on my ubuntu 20.04 system. The install
worked just fine, no errors of any kind.
I modified the tomcat-users.xml file to have the following content
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<tomcat-users xmlns="http://tomcat.apache.org/xml";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://tomcat.apache.org/xml
tomcat-users.xsd"
version="1.0">
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this
app,
you must define such a user - the username and password are arbitrary. It
is
strongly recommended that you do NOT use one of the users in the
commented out
section below since they are intended for use with the examples web
application.
-->
<!--
NOTE: The sample user and role entries below are intended for use with
the
examples web application. They are wrapped in a comment and thus are
ignored
when reading this file. If you wish to configure these users for use with
the
examples web application, do not forget to remove the <!.. ..> that
surrounds
them. You will also need to set the passwords to something appropriate.
-->
<!--
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
<user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
<user username="role1" password="<must-be-changed>" roles="role1"/>
-->
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-status"/>
<role rolename="manager-jmx"/>
<user username="my_username" password="my-secret-password"
roles="admin-gui,manager-gui,manager-script,manager-jmx,manager-status/>
</tomcat-users>
I stopped and restarted tomcat
When I visit http://localhost:8080 I see the expected page. When I click on
the "Manager App" button I enter the username and password I entered into
my tomcat users file. But it never accepts my username/password, it just
keeps re-issuing the prompt. I looked at the files in the logs directory
and in the cataline logfile I saw the following message
11-Jul-2020 11:31:12.804 WARNING [http-nio-8080-exec-2]
org.apache.catalina.realm.LockOutRealm.filterLockedAccounts An attempt was
made to authenticate the locked user [my_username]
There were no other messages in the logfile pertaining to my user.
How do I resolve this issue ?
Thanks.
==================
Barry Kimelman
Winnipeg, Manitoba, Canada
