Dan, Thanks for the help. I opened the server.xml.orig file (from the Tomcat installation) and copied the GlobalNamingResources and Engine and restarted Tomcat. Afterwards I was able to login using the username and password located in the tomcat-users.xml file.
Thanks, Justin LaRose Database & Web Services Administrator NEXCOM (757) 631-3443 justin.lar...@nexweb.org From: Daniel Mikusa <dmik...@vmware.com> To: Tomcat Users List <users@tomcat.apache.org> Date: 11/16/2011 02:21 PM Subject: Re: tomcat manager/status question Justin, Assuming that is the entire file, it looks like you do not have a UserDatabase or a Realm defined. You need to define a UserDatabase Resource tag and a Realm for the security configuration. This is required by the manager application perform authentication and authorization. This configuration will look something like the following (non-essential elements removed for brevity)... <Server..> <GlobalNamingResources> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> <Service...> <Engine...> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> </Engine> </Service> </Server> For a complete example, grab a fresh copy of Tomcat and take a look at the server.xml file that is packaged with it. It has both of these elements defined and some comments which explain how it works. Dan On Wed, 2011-11-16 at 11:04 -0800, Justin Larose wrote: > I have copied my server.xml file below. > ______________ > > <Server port="8405" shutdown="Shutdown.SerenaCommonTomcat"> > <!-- <Listener > className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" > /> --> > <Listener className="org.apache.catalina.core.JasperListener"/> > <Listener > className="org.apache.catalina.mbeans.ServerLifecycleListener"/> > <Listener > className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/> > > <Service name="Catalina"> > > <Connector connectionTimeout="20000" port="18080" > protocol="HTTP/1.1" redirectPort="8443" server="Unknown Web Server/1.0"/> > > <!-- Define a SSL HTTP/1.1 Connector on port 8443, using only > 128-bit+ encryption (remove ciphers attribute if not needed). --> > <!-- <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" > maxThreads="150" scheme="https" secure="true" clientAuth="false" > sslProtocol="TLS" ciphers="TLS_DHE_RSA_WITH_AES_128_CBC_SHA, > SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, > TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA" > server="Unknown Web Server/1.0"/> --> > > <Connector SSLEnabled="true" acceptCount="100" clientAuth="false" > disableUploadTimeout="true" enableLookups="false" keyAlias="tomcat" > keystoreFile="conf/sample-ssl.jks" keystorePass="*****" > maxHttpHeaderSize="8192" maxSpareThreads="75" maxThreads="150" > minSpareThreads="25" port="8443" scheme="https" secure="true" > sslProtocol="TLS" strategy="ms" truststoreFile="conf/sample-ssl.jks" > truststorePass="*****"/> > > <Connector SSLEnabled="true" acceptCount="100" clientAuth="true" > disableUploadTimeout="true" enableLookups="false" keyAlias="tomcat" > keystoreFile="conf/sample-ssl.jks" keystorePass="*****" > maxHttpHeaderSize="8192" maxSpareThreads="75" maxThreads="150" > minSpareThreads="25" port="8543" scheme="https" secure="true" > sslProtocol="TLS" strategy="ms" truststoreAlgorithm="AnyCert" > truststoreFile="conf/sample-ssl.jks" truststorePass="*****"/> > > <!-- Define an AJP 1.3 Connector on port 8409. --> > <Connector port="8409" protocol="AJP/1.3" redirectPort="8443" > server="Unknown Web Server/1.0"/> > > <Engine defaultHost="localhost" name="Catalina"> > <Host appBase="webapps" autoDeploy="true" name="localhost" > unpackWARs="true" xmlNamespaceAware="false" xmlValidation="false"/> > </Engine> > > </Service> > </Server> > > > _______________ > > Thanks, > Justin LaRose > Database & Web Services Administrator > NEXCOM > (757) 631-3443 > justin.lar...@nexweb.org > > > > From: Daniel Mikusa <dmik...@vmware.com> > To: Tomcat Users List <users@tomcat.apache.org> > Date: 11/14/2011 04:26 PM > Subject: Re: tomcat manager/status question > > > Justin, > > Your "conf/tomcat-users.xml" looks fine to me. I copied and pasted it > into a stock Tocmat 6.0.33 server on my machine and it worked fine. > > At this point, you might want to also post your "conf/server.xml" file. > > Dan > > > > On Mon, 2011-11-14 at 13:00 -0800, Justin Larose wrote: > > Yes I have restarted tomcat after editing this file: > > > > <?xml version='1.0' encoding='cp1252'?> > > <tomcat-users> > > <role rolename="manager-gui"/> > > <user username="admin" password="********" roles="manager-gui" > /> > > </tomcat-users> > > > > > > > > Thanks, > > Justin LaRose > > Database & Web Services Administrator > > NEXCOM > > (757) 631-3443 > > justin.lar...@nexweb.org > > > > > > > > From: Daniel Mikusa <dmik...@vmware.com> > > To: Tomcat Users List <users@tomcat.apache.org> > > Date: 11/14/2011 02:32 PM > > Subject: Re: tomcat manager/status question > > > > > > Justin, > > > > What exactly do you have in your "conf/tomcat-users.xml" file? If you > > could include the contents of the file inline here, that would be > > helpful. > > > > Don't forget to redact passwords and other sensitive info. > > > > Dan > > > > > > On Mon, 2011-11-14 at 11:18 -0800, Justin Larose wrote: > > > Question: I upgraded my Tomcat version to 6.0 using the > > > apache-tomcat-6.0.33.exe file and I am trying to access the manager > > > and the status pages here: localhost:port\index.jsp > > > I get to the default Tomcat page and select "status" and I get a login > > > prompt. After entering the username and password that I have > > > configured in the \conf\tomcat-users.xml > > > file it just asks for the password again and again. After the 3rd > > > attempt it will default to the 401 page that talks about configuring > > > the tomcat-users.xml file. I also get the same error after selecting > > > the "manager" link as well. > > > > > > Do I need to install another portion of Tomcat to get this feature to > > > work? > > > > > > > > > > > > Thanks, > > > Justin LaRose > > > Database & Web Services Administrator > > > NEXCOM > > > (757) 631-3443 > > > justin.lar...@nexweb.org > > > > > > > > > ****************************************************************************** > > > This email and any files transmitted with it are intended solely for > > > the use of the individual or agency to whom they are addressed. > > > If you have received this email in error please notify the Navy > > > Exchange Service Command e-mail administrator. This footnote > > > also confirms that this email message has been scanned for the > > > presence of computer viruses. > > > > > > Thank You! > > > > > > ****************************************************************************** > > > > > >
