Problem:
403Access deniedyou is not authorized to view Thispage. If you had already configured the Manager application to allow access and you had used your browsers back button, used a Saved Book-mark or similar then your may had triggered the Cross-site request forgery (CSRF) protection that had been enabled forThe HTMLInterfaceof the Manager application. You'll need to reset ThisProtection by returning to the main Manager page. OncereturnTo Thispage, you'll be able toContinue usingThe Manager appliction's HTML interface normally. If you continue to see this access denied a message, check that it has the necessary permissions to access this Applicatio N.If you have not changed any configuration files, please examine the file conf/tomcat-users.xmlinchYour installation. That file must contain the credentials ThisWebApp. For example, to add the manager-GUI role to a user named Tomcat with a password of S3cret, add the following to the config file listed above.<role rolename="Manager-gui"/><user username="Tomcat"password="S3cret"roles="Manager-gui"/>Note that forTomcat7onwards, the roles required to use the manager application were changed fromThe single manager role to the following four roles. You'll need to assign the role (s) required forThe functionality wish to Access.manager-gui-allows access to the HTML GUI and the status Pagesmanager-script-allows access to the textInterfaceAnd the status Pagesmanager-JMX-allows access to the JMX proxy and the status Pagesmanager-status-allows access to the status pages onlythe HTMLInterface is protectedagainst CSRF But the text and JMX interfaces is not. To maintain the CSRF protection:users with the manager-gui role should not being granted either the Manager-script or manager-jmx roles. If the text or JMX interfaces is accessed through a browser (e.g. forTesting since these interfaces is intended forTools not humans) then the browser must is closed afterwards to terminate the session.
Tomcat-users.xml Configuration content is:
<!--<role Rolename="Tomcat"/> <role rolename="Role1"/> <user username="Tomcat"password="Tomcat"roles="Tomcat"/> <user username="both"password="Tomcat"roles="Tomcat,role1"/> <user username="Role1"password="Tomcat"roles="Role1"/>--> <user username="Admin"password="Admin"roles="Manager"/> </tomcat-users>
Solution:
<user username="admin " password="admin " roles=" Manager "/> instead:
<user username="admin " password="admin " roles= " Manager-gui "/> can be."
The reason is that role in TOMCAT8 has changed manager to Manager-gui.