Solution for Tomcat Manager to display 403 Access Denied

You encountered the following problems when managing tomcat:
 
1. At the beginning, a user name and password are required. I do not know what the user name and password are, but I did not enter any correct information.
 
Solution:
 
Add your own user conf folder in the tomcat-users.xml in the format
 
The default value is commented out, which mainly takes into account the security of the server. If it is a local test, remove the following comment, restart the server, and then enter
 
<Role rolename = "tomcat"/>
 
<Role rolename = "role1"/>
 
<User username = "tomcat" password = "tomcat" roles = "tomcat"/>
 
<User username = "both" password = "tomcat" roles = "tomcat, role1"/>
 
<User username = "role1" password = "tomcat" roles = "role1"/>
 
The user and password are clear at a glance.
 
 
2. After Entering the manager interface, the 403 Access Denied is displayed.
 
Solution:
 
See this passage in the conf/tomcat-users.xml file:
 
NOTE: By default, no user is logged in the "manager-gui" role required
 
To operate the "/manager/html" web application. If you want to use this app,
 
You must define such a user-the username and password are arbitrary.
 
To ensure security, tomcat does not have the manager-gui management permission by default.
 
You need to add the management permission (role) on your own ).
 
You need to add such permissions (roles)
 
<Role rolename = "manager-gui"/>
 
And then add it to the user name.
 
<User username = "tomcat" password = "tomcat" roles = "tomcat, manager-gui"/>
 
So OK.
 

<? Xml version = '1. 0' encoding = 'utf-8'?>
<! --
Licensed to the Apache Software Foundation (ASF) under one or more
Contributor license agreements. See the NOTICE file distributed
This work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(The "License"); you may not use this file except T in compliance
The License. You may obtain a copy of the License

Http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
Distributed under the License is distributed on an "as is" BASIS,
Without warranties or conditions of any kind, either express or implied.
See the License for the specific language governing permissions and
Limitations under the License.
-->
<Tomcat-users>
<! --
NOTE: By default, no user is logged in the "manager-gui" role required
To operate the "/manager/html" web application. If you want to use this app,
You must define such a user-the username and password are arbitrary.
-->
<! --
NOTE: The sample user and role entries below are wrapped in a comment
And thus are ignored when reading this file. Do not forget to remove
<!.. ...> That surrounds them.
-->

<! --
<Role rolename = "tomcat"/>
<Role rolename = "role1"/>
<User username = "tomcat" password = "tomcat" roles = "tomcat"/>
<User username = "both" password = "tomcat" roles = "tomcat, role1"/>
<User username = "role1" password = "tomcat" roles = "role1"/>
-->
<Role rolename = "manager-gui"/>
<Role rolename = "admin-gui"/>
<User username = "ming" password = "064417" roles = "manager-gui, admin-gui"/>

</Tomcat-users>

Load Balancing between Apache and multiple Tomcat clusters in Linux

Nginx Tomcat Cluster load balancing solution notes

Instance details Tomcat component installation + Nginx reverse proxy Tomcat + Apache use mod_jk and mod_proxy Reverse Proxy and load balancing

Build an Apache + Tomcat environment (JK deployment process)

In-depth analysis of Tomcat PDF

Tomcat details: click here
Tomcat: click here

This article permanently updates the link address: