Tomcat with HTTPD front end. Manager app not accessible

Solution 1:

This is an educated guess. I think this might be a case of both the Manager part and Apache using HTTP authentication headers for authentication.

When the client connects to http://localhost/manager, Apache asks for authentication credentials for LDAP authentication. The client will then send the authentication information to Apache, which accepts the requests and passes it to Tomcat's manager part.

However, since the credentials are not what were defined for the manager, it returns 403 error.

The solution would be to exclude /manager part from the LDAP authentication. Unfortunately I don't know how that would be done within Apache.

Solution 2:

based on https://stackoverflow.com/questions/5808206/how-to-fix-tomcat-http-status-403-access-to-the-requested-resource-has-been-den

it seems that you are missing a role definition.

In the tomcat-users.xml file add a user with the role manager :

<role rolename="manager"/>
<user username="admin" password="admin" roles="manager"/>