Can't access Tomcat 6 Manager app

6
votes

I keep getting prompted for a user name and password when I try to access the following URL:

http://localhost:8080/manager/html

App Server: Tomcat 6.0.35

Browser: Firefox 3.6.18

OS: Centos 5.5

Content of tomcat-users.xml: 

<tomcat-users>
    <role rolename="manager"/>
    <user username="tomcat" password="tomcat" roles="manager"/>
</tomcat-users>

I started Tomcat with: sudo ./startup.sh

I stopped Tomcat with: sudo ./shutdown.sh

5
web-applicationstomcat
Have you tried logging is using user: tomcat, password: tomcat?BeRecursive
have you tried <role rolename="gui-manager"/> ?Wint
According to the file apache-tomcat-6.0.35/webapps/manager/WEB-INF/web.xml, the role manager-gui is supported, so I did try that role as well with no success. I did also try gui-manager with no success.udeleng
When you make these changes, are you restrating Tomcat?clmarquart
Absolutely! I tried a similar thing in osx and it works perfectly fine with FF, Chrome, and Safari. Either I'm missing something really silly or I'm going to kill Centos.udeleng

5 Answers

18
votes

The roles have changed with Apache Tomcat 6 as per the link to the documentation below. http://tomcat.apache.org/tomcat-6.0-doc/manager-howto.html#Configuring_Manager_Application_Access

There are four roles defined by the manager application:

manager-gui - Allows access to the html interface
manager-script - Allows access to the plain text interface
manager-jmx - Allows access to the JMX proxy interface
manager-status - Allows access to the read-only status pages

For your problem, try this:

<role rolename="manager"/>
<role rolename="manager-gui"/>
<role rolename="admin"/>
<user username="user" password="password" roles="admin,manager,manager-gui"/>

Login with user and password.

It works 100%.

1
votes

If you still have issues after setting up tomcat-users.xml, check that this file is being referenced in the standard way from server.xml. Both <GlobalNamingResources> and <Realm> need to be defined.

I pulled the following from a fresh install of Tomcat:

<Server port="8005" shutdown="SHUTDOWN">
 :
  <GlobalNamingResources>
    <!-- Editable user database that can also be used by
         UserDatabaseRealm to authenticate users
    -->
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />
  </GlobalNamingResources>
  :
  <Service name="Catalina">
    :
    <Engine name="Catalina" defaultHost="localhost">
      <!-- This Realm uses the UserDatabase configured in the global JNDI
           resources under the key "UserDatabase".  Any edits
           that are performed against this UserDatabase are immediately
           available for use by the Realm.  -->
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase"/>
      :
    </Engine>
  </Service>
</Server>
0
votes

Update Tomcat-HOME/conf/tomcat-users.xml:

<tomcat-users>
<role rolename="manager"/>
<role rolename="standard"/>
<role rolename="tomcat"/>
<role rolename="admin"/>
<role rolename="role1"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="admin" password="password" roles="standard,manager,admin"/>
<user username="role1" password="tomcat" roles="role1"/>
</tomcat-users>

In ubuntu::

  • Start tomcat: sh startup.sh
  • Stop tomcat: sh shutdown.sh
0
votes

Don' forget to check if your admin application exists in %tomcat_dir%/webapps. If not, you can download it again with the tomcat distribution

0
votes

I had this problem last night and the problem (after making sure the user was created with correct manager-gui role) turned out to be that I was trying to access localhost and there was a RemoteAddrValve in the web app Context file (manager.xml) only allowing access to the manager web app via 127.0.0.1. Yes, localhost resolves to 127.0.0.1, but the valve is very precise. 

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.0\.0\.1" />