The real reasons and solutions for Tomcat Manager Page 403

Source: Internet
Author: User

Version: Tomcat 8.5.8

Issue: Newly installed Tomcat, server Status, manager App, Host manager three pages with other machines accessing Tomcat are displayed 403 (no problem with native access), conf/ Configuration has been added in Tomcat-users.xml:

<role rolename= "Manager-gui"/>

<role rolename= "Admin-gui"/>

<user username= "Tomcat" password= "qazwsx" roles= "Manager-gui,admin-gui"/>


After rebooting, it is still 403, even when trying to use a variety of solutions, there are 404 (cause unknown)


Find online Solutions No fruit, most of the online articles are only mentioned in the Tomcat-users.xml add the above statement, can not solve, through the official documents, English really rotten (with translation software, see smattering), and finally find the real reason.


Open WebApps under the Host-manager and manager, there is a common folder Meta-inf, there are context.xml, the content of this file is:

<context antiresourcelocking= "false" privileged= "true" >

<valve classname= "Org.apache.catalina.valves.RemoteAddrValve"

allow= "127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1"/>

</Context>

By looking at the official documentation, it is known that this code is restricted to visiting IP, 127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1, is a regular expression that represents the native loopback address of IPv4 and IPv6, so this also explains Why do we have access to the admin interface, but the other machines are actually 403.


Find out why, then modify the regular expression here, for example, we only allow intranet segment 192.168.88 Access Management page, then change to this can be:

<context antiresourcelocking= "false" privileged= "true" >

<valve classname= "Org.apache.catalina.valves.RemoteAddrValve"

allow= "192.168.88.*"/>

</Context>


Modify complete, close the browser, reopen Tomcat, problem solving!


Attached: context.xml In addition to restricting IP and host, there are more functions, you can refer to the Official document: Http://tomcat.apache.org/tomcat-8.5-doc/config/valve.html#Remote _address_filter

This article is from the "Progress a little every day" blog, be sure to keep this source http://yujia2016.blog.51cto.com/59379/1878743

The real reasons and solutions for Tomcat Manager Page 403

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.