403 Access Denied on Tomcat 8 Manager App without prompting for user/password

tomcat tomcat8

I have set up tomcat 8 according to this, and I have the following tomcat-users.xml file:

<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
              version="1.0"> 
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>

  <user username="notadmin" password="not_real_pass" roles="manager-gui"/>
  <user username="cargo" password="not_real_pass" roles="manager-script"/>
<tomcat-users/>

When I try to access the Manager App, I get rejected with 403 without any prompt for username and password.

What did I miss in the config?

Edit1: Added full xml file.


This may be work.

Find the CATALINA_HOME/webapps/manager/META-INF/context.xml file and add the comment markers around the Valve.

<Context antiResourceLocking="false" privileged="true" >

<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->

</Context>

You can find more details at this page.


The solution that worked for me is edit context.xml files in both $CATALINA_HOME/webapps/manager/META-INF and $CATALINA_HOME/webapps/host-manager/META-INF where my ip is 123.123.123.123.

<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|123.123.123.123" />
</Context>

I installed Tomcat 8.5 on Ubuntu and edited $CATALINA_HOME/conf/tomcat-users.xml:

<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="myuser" password="mypass" roles="admin-gui,manager-gui"/>

However, I still couldn't access both Tomcat Web Application Manager (localhost:8080/manager/html) and Tomcat Virtual Host Manager (localhost:8080/host-manager/html) until I edited context.xml files.


Correct answer can be found here

Looks like this issue can be reproduced while folowing mentioned tutorial on unix machines. Also noticed that author uses TC 8.0.33
Win (and OSX) do not have such issue, at least on my env:

Server version:        Apache Tomcat/8.5.4
Server built:          Jul 6 2016 08:43:30 UTC
Server number:         8.5.4.0
OS Name:               Windows 8.1
OS Version:            6.3
Architecture:          amd64
Java Home:             C:\TOOLS\jdk1.8.0_101\jre
JVM Version:           1.8.0_101-b13
JVM Vendor:            Oracle Corporation
CATALINA_BASE:         C:\TOOLS\tomcat\apache-tomcat-8.5.4
CATALINA_HOME:         C:\TOOLS\tomcat\apache-tomcat-8.5.4

After tomcat-users.xml is modified by adding role and user Tomcat Web Application Manager can be accessed on Tomcat/8.5.4.

Related

Minimum and maximum date in UIDatePicker
Using PCP (Port Control Protocol) in practice?
How to include hidden files in ls pattern match?
Windows 10 automatic daylight savings adjustment not working?
How to backup multiple partitions in one image and restore
Search within PDF files in Windows search
Increase Firefox Speed?
How does one find GPUs that use UEFI GOP instead of legacy VBIOS?
Why does Google Chrome forget my logins and passwords every time I close it?
Remove Firefox Custom Search
diff for multiple files
Losing internet access when creating ethernet bridge for OpenVPN