When I opened tomcat in netbeans today, I found that password verification is required, which was previously not required. The cause has not been found. I guess there may be two factors, one is the recent installation of IIS, and the other is the upgrade of netbeans. However, I think the most likely factor is that I accidentally modified the tomcat configuration file.
The solution from the Internet is to look at the tomcat-user.xml file, the user name and password information in that. But after the modification is still not good, and later found that I modified is the installation directory of the tomcat-user.xml files, that is, the Catalina base Directory files, actually works is the Catalina base Directory files, and indeed, after viewing the tomcat-user.xml file under Catalina base, you can successfully log in using the username and password in it.
I read an article about website security on the InternetArticleIt makes sense. To make your website safer than most people's websites, an extremely simple way is to use as few default configurations as possible, such as the port number. You also need to set a password. I believe that many beginners (such as me) do not like to set passwords for Tomcat Manager, which may be a breakthrough for attacks by others.