I have rebooted. Startup.sh Same tomcat-users.xml no other changes .
With manager button chrome going straight to 401. With Firefox manager button - login box appears works with username tomgui password tomcat as expected. On Tue, 18 Aug 2020, 21:55 Anwar AliKhan, <anwaralikhan...@gmail.com> wrote: > > *With this tomcat-users.xml*<role rolename="manager-script"/> > <role rolename="manager-gui"/> > <role rolename="admin-gui"/> > <role rolename="tomee-admin" /> <!-- Activate/create these lines to get > access to TomEE GUI --> > <role rolename="manager"/> > <user username="tomcat" password="tomcat" roles="admin-script"/> > <user username="tomtest" password="tomtest" roles="manager-gui"/> > > > *Test*curl -u tomcat:tomcat http://localhost:8080/host-manager/text/list > *Result*: > OK - Listed hosts > [localhost]:[] > > > I make same username and password for both admin-script & manager-gui > <role rolename="manager-script"/> > <role rolename="manager-gui"/> > <role rolename="admin-gui"/> > <role rolename="tomee-admin" /> <!-- Activate/create these lines to get > access to TomEE GUI --> > <role rolename="manager"/> > <user username="tomcat" password="tomcat" roles="admin-script"/> > <user username="tomcat" password="tomcat" roles="manager-gui"/> > > > *Test*curl -u tomcat:tomcat http://localhost:8080/host-manager/text/list > *Result:* > curl -u tomcat:tomcat http://localhost:8080/host-manager/text/list > <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" " > http://www.w3.org/TR/html4/strict.dtd";> > <html> > <head> > <title>403 Access Denied</title> > <style type="text/css"> > <!-- > BODY > {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;font-size:12px;} > H1 > {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} > PRE, TT {border: 1px dotted #525D76} > A {color : black;}A.name {color : black;} > > > > *I change different username same password for both admin-script & > manager-gui*<role rolename="manager-script"/> > <role rolename="manager-gui"/> > <role rolename="admin-gui"/> > <role rolename="tomee-admin" /> <!-- Activate/create these lines to get > access to TomEE GUI --> > <role rolename="manager"/> > <user username="tomcat" password="tomcat" roles="admin-script"/> > <user username="tomtest" password="tomcat" roles="manager-gui"/> > > > *Test *curl -u tomcat:tomcat > http://localhost:8080/host-manager/text/list > *Result*: > OK - Listed hosts > [localhost]:[] > > > *Confirmation Test The username must be unique* > <role rolename="manager-script"/> > <role rolename="manager-gui"/> > <role rolename="admin-gui"/> > <role rolename="tomee-admin" /> <!-- Activate/create these lines to get > access to TomEE GUI --> > <role rolename="manager"/> > <user username="tomscript" password="tomcat" roles="admin-script"/> > <user username="tomgui" password="tomcat" roles="manager-gui"/> > <user username="tomadmin" password="tomcat" roles="admin-gui"/> > <user username="tomee" password="tomee" roles="tomee-admin"/> > <user username="admin" password="" roles="manager"/> > > > curl -u *tomscript*:tomcat http://localhost:8080/host-manager/text/list > OK - Listed hosts > [localhost]:[] > > > > <http://www.backbutton.co.uk/> > > > On Tue, 18 Aug 2020, 21:21 Anwar AliKhan, <anwaralikhan...@gmail.com> > wrote: > >> *This works* >> curl -u tomcat:tomcat http://localhost:8080/host-manager/text/list >> OK - Listed hosts >> [localhost]:[] >> >> >> I have rebooted and restarted the browser. >> *BUT with the same tomcat-users.xml * >> >> *It is now going straight to 401.* >> >> *with all three URL* >> *http://localhost:8080/manager/status >> <http://localhost:8080/manager/status>* >> http://localhost:8080/manager/html >> http://localhost:8080/host-manager/html >> >> *tomcat-usersxml* >> >> <role rolename="manager-gui"/> >> <role rolename="manager-script"/> >> <role rolename="admin-gui"/> >> <role rolename="tomee-admin" /> <!-- Activate/create these lines to get >> access to TomEE GUI --> >> <role rolename="manager"/> >> <user username="tomcat" password="tomcat" >> roles="manager-gui,admin-script,admin-gui,tomee-admin,manager"/> >> >> 401 Unauthorized >> You are not authorized to view this page. If you have not changed any >> configuration files, please examine the file conf/tomcat-users.xml in your >> installation. That file must contain the credentials to let you use this >> webapp. >> >> For example, to add the manager-gui role to a user named tomcat with a >> password of s3cret, add the following to the config file listed above. >> >> <role rolename="manager-gui"/> >> <user username="tomcat" password="s3cret" roles="manager-gui"/> >> Note that for Tomcat 7 onwards, the roles required to use the manager >> application were changed from the single manager role to the following four >> roles. You will need to assign the role(s) required for the functionality >> you wish to access. >> >> manager-gui - allows access to the HTML GUI and the status pages >> manager-script - allows access to the text interface and the status pages >> manager-jmx - allows access to the JMX proxy and the status pages >> manager-status - allows access to the status pages only >> The HTML interface is protected against CSRF but the text and JMX >> interfaces are not. To maintain the CSRF protection: >> >> Users with the manager-gui role should not be granted either the >> manager-script or manager-jmx roles. >> If the text or jmx interfaces are accessed through a browser (e.g. for >> testing since these interfaces are intended for tools not humans) then the >> browser must be closed afterwards to terminate the session. >> <http://www.backbutton.co.uk/> >> >> >> On Tue, 18 Aug 2020, 20:46 , <jonmcalexan...@wellsfargo.com.invalid> >> wrote: >> >>> I was going to say it sounds like a persistent cookie... >>> >>> >>> Dream * Excel * Explore * Inspire >>> Jon McAlexander >>> Asst Vice President >>> >>> Middleware Product Engineering >>> Enterprise CIO | Platform Services | Middleware | Infrastructure >>> Solutions >>> >>> 8080 Cobblestone Rd | Urbandale, IA 50322 >>> MAC: F4469-010 >>> Tel 515-988-2508 | Cell 515-988-2508 >>> >>> jonmcalexan...@wellsfargo.com >>> >>> >>> This message may contain confidential and/or privileged information. If >>> you are not the addressee or authorized to receive this for the addressee, >>> you must not use, copy, disclose, or take any action based on this message >>> or any information herein. If you have received this message in error, >>> please advise the sender immediately by reply e-mail and delete this >>> message. Thank you for your cooperation. >>> >>> -----Original Message----- >>> From: Mark Thomas <ma...@apache.org> >>> Sent: Tuesday, August 18, 2020 1:57 PM >>> To: users@tomcat.apache.org >>> Subject: Re: Login appears only once >>> >>> On 18/08/2020 19:45, Anwar AliKhan wrote: >>> > I rebooted the machine , then the login box appeared . >>> > Obviously this is not an ideal solution! >>> >>> Did you close the browser between tests? >>> >>> Mark >>> >>> >>> > On Tue, 18 Aug 2020, 19:07 Anwar AliKhan, <anwaralikhan...@gmail.com> >>> wrote: >>> > >>> >> Hi, >>> >> I deployed an app called tomee using the tomcat manager app. >>> >> >>> >> The first time I selected the app in the tomcat manager to run it. >>> >> a login appeared asking for username and password. >>> >> >>> >> I had not set it up. So it took me to the 403 page . >>> >> >>> >> Now I have set up tomee-admin user. >>> >> >>> >> I stopped restarted tomcat for it to register the contents of >>> >> tomcat-users.xml I no longer get the login Box. It goes straight to >>> >> the 403 page. >>> >> >>> >> *what is the problem ? Thanks for your help* >>> >> >>> >> >>> >> >>> >> <role rolename="manager-gui"/> >>> >> <!-- Activate/create these lines to get access to TomEE GUI --> <role >>> >> rolename="tomee-admin" /> <user username="tomcat" password="s3cret" >>> >> roles="manager-gui"/> <user username="admin" password="" >>> >> roles="manager"/> <user username="tomee" password="tomee" >>> >> roles="tomee-admin" /> HTTP Status 403 – Forbidden >>> >> ------------------------------ >>> >> >>> >> *Type* Status Report >>> >> >>> >> *Message* Access to the requested resource has been denied >>> >> >>> >> *Description* The server understood the request but refuses to >>> >> authorize it. >>> >> ------------------------------ >>> >> Apache Tomcat/9.0.37 >>> >> >>> > >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >>> For additional commands, e-mail: users-h...@tomcat.apache.org >>> >>
