Posted to users@tomcat.apache.org by Anwar AliKhan <an...@gmail.com> on 2020/08/18 18:07:53 UTC

Login appears only once

Hi,
I deployed an app called tomee using the tomcat manager app.

The first time I selected the app in the Tomcat manager to run it,
a login appeared asking for username and password.

I had not set it up, so it took me to the 403 page.

Now I have set up the tomee-admin user.

I stopped and restarted Tomcat for it to register the contents of
tomcat-users.xml.
I no longer get the login box. It goes straight to the 403 page.

*What is the problem? Thanks for your help.*



<role rolename="manager-gui"/>
<!-- Activate/create these lines to get access to TomEE GUI -->
<role rolename="tomee-admin" />
<user username="tomcat" password="s3cret" roles="manager-gui"/>
<user username="admin" password="" roles="manager"/>
<user username="tomee" password="tomee" roles="tomee-admin" />

HTTP Status 403 – Forbidden
------------------------------

*Type* Status Report

*Message* Access to the requested resource has been denied

*Description* The server understood the request but refuses to authorize it.
------------------------------
Apache Tomcat/9.0.37

Re: Login appears only once : solved

Posted by Christopher Schultz <ch...@christopherschultz.net>.
Anwar,

On 8/18/20 17:42, Anwar AliKhan wrote:
> It came down to browser privacy and  security settings. Cleared all
> previous cookies and blocked third party cookies. Now Login appears
> every time in Google chrome.

None of that is necessary. Just "clear logins" from the site and you
are good. At least that's what Firefox calls it when it forgets all
HTTP Basic logins. Maybe Chrome doesn't have that.

-chris

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Re: Login appears only once : solved

Posted by Anwar AliKhan <an...@gmail.com>.
It came down to browser privacy and security settings.
Cleared all previous cookies and blocked third-party cookies.
Now the login appears every time in Google Chrome.


Re: Login appears only once

Posted by Anwar AliKhan <an...@gmail.com>.
I have rebooted.
Startup.sh

Same tomcat-users.xml, no other changes.

With the manager button, Chrome is going straight to 401.

With the Firefox manager button, the login box appears and works with username
tomgui, password tomcat, as expected.

Re: Login appears only once

Posted by Anwar AliKhan <an...@gmail.com>.
*With this tomcat-users.xml*
<role rolename="manager-script"/>
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<role rolename="tomee-admin" /> <!-- Activate/create these lines to get
access to TomEE GUI -->
<role rolename="manager"/>
<user username="tomcat" password="tomcat" roles="admin-script"/>
<user username="tomtest" password="tomtest" roles="manager-gui"/>


*Test*
curl -u tomcat:tomcat http://localhost:8080/host-manager/text/list
*Result*:
OK - Listed hosts
[localhost]:[]


I make the same username and password for both admin-script & manager-gui
<role rolename="manager-script"/>
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<role rolename="tomee-admin" /> <!-- Activate/create these lines to get
access to TomEE GUI -->
<role rolename="manager"/>
<user username="tomcat" password="tomcat" roles="admin-script"/>
<user username="tomcat" password="tomcat" roles="manager-gui"/>


*Test*
curl -u tomcat:tomcat http://localhost:8080/host-manager/text/list
*Result:*
curl -u tomcat:tomcat http://localhost:8080/host-manager/text/list
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
 <head>
  <title>403 Access Denied</title>
  <style type="text/css">
    <!--
    BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;font-size:12px;}
    H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
    PRE, TT {border: 1px dotted #525D76}
    A {color : black;}A.name {color : black;}



*I change to a different username, same password, for both admin-script &
manager-gui*
<role rolename="manager-script"/>
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<role rolename="tomee-admin" /> <!-- Activate/create these lines to get
access to TomEE GUI -->
<role rolename="manager"/>
<user username="tomcat" password="tomcat" roles="admin-script"/>
<user username="tomtest" password="tomcat" roles="manager-gui"/>


*Test*
curl -u tomcat:tomcat http://localhost:8080/host-manager/text/list
*Result*:
OK - Listed hosts
[localhost]:[]


*Confirmation test: the username must be unique*
<role rolename="manager-script"/>
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<role rolename="tomee-admin" /> <!-- Activate/create these lines to get
access to TomEE GUI -->
<role rolename="manager"/>
<user username="tomscript" password="tomcat" roles="admin-script"/>
<user username="tomgui" password="tomcat" roles="manager-gui"/>
<user username="tomadmin" password="tomcat" roles="admin-gui"/>
<user username="tomee" password="tomee" roles="tomee-admin"/>
<user username="admin" password="" roles="manager"/>


curl -u tomscript:tomcat http://localhost:8080/host-manager/text/list
OK - Listed hosts
[localhost]:[]






Re: Login appears only once

Posted by Anwar AliKhan <an...@gmail.com>.
*This works*
curl -u tomcat:tomcat http://localhost:8080/host-manager/text/list
OK - Listed hosts
[localhost]:[]


I have rebooted and restarted the browser.
*BUT with the same tomcat-users.xml*

*It is now going straight to 401.*

*with all three URLs*
http://localhost:8080/manager/status
http://localhost:8080/manager/html
http://localhost:8080/host-manager/html

*tomcat-users.xml*

<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="admin-gui"/>
<role rolename="tomee-admin" /> <!-- Activate/create these lines to get
access to TomEE GUI -->
<role rolename="manager"/>
<user username="tomcat" password="tomcat"
roles="manager-gui,admin-script,admin-gui,tomee-admin,manager"/>

401 Unauthorized

You are not authorized to view this page. If you have not changed any
configuration files, please examine the file conf/tomcat-users.xml in your
installation. That file must contain the credentials to let you use this
webapp.

For example, to add the manager-gui role to a user named tomcat with a
password of s3cret, add the following to the config file listed above.

<role rolename="manager-gui"/>
<user username="tomcat" password="s3cret" roles="manager-gui"/>

Note that for Tomcat 7 onwards, the roles required to use the manager
application were changed from the single manager role to the following four
roles. You will need to assign the role(s) required for the functionality
you wish to access.

manager-gui - allows access to the HTML GUI and the status pages
manager-script - allows access to the text interface and the status pages
manager-jmx - allows access to the JMX proxy and the status pages
manager-status - allows access to the status pages only

The HTML interface is protected against CSRF but the text and JMX
interfaces are not. To maintain the CSRF protection:

Users with the manager-gui role should not be granted either the
manager-script or manager-jmx roles.

If the text or jmx interfaces are accessed through a browser (e.g. for
testing since these interfaces are intended for tools not humans) then the
browser must be closed afterwards to terminate the session.


On Tue, 18 Aug 2020, 20:46 , <jo...@wellsfargo.com.invalid> wrote:

> I was going to say it sounds like a persistent cookie...
>
>
> Jon McAlexander
>
> -----Original Message-----
> From: Mark Thomas <ma...@apache.org>
> Sent: Tuesday, August 18, 2020 1:57 PM
> To: users@tomcat.apache.org
> Subject: Re: Login appears only once
>
> On 18/08/2020 19:45, Anwar AliKhan wrote:
> > I rebooted the machine , then the login box appeared .
> > Obviously this is not an ideal solution!
>
> Did you close the browser between tests?
>
> Mark
>
>
> > On Tue, 18 Aug 2020, 19:07 Anwar AliKhan, <an...@gmail.com> wrote:
> >
> >> Hi,
> >> I deployed an app called tomee using the tomcat manager app.
> >>
> >> The first time I selected the app in the tomcat manager to run it.
> >> a login appeared asking for username and password.
> >>
> >> I had not set it up. So it took me to the 403  page .
> >>
> >> Now I have set  up tomee-admin user.
> >>
> >> I stopped restarted tomcat for it to register the contents of
> >> tomcat-users.xml I no longer get the login Box. It goes straight to
> >> the 403 page.
> >>
> >> *what is the problem ? Thanks for your help*
> >>
> >>
> >>
> >> <role rolename="manager-gui"/>
> >> <!-- Activate/create these lines to get access to TomEE GUI -->
> >> <role rolename="tomee-admin" />
> >> <user username="tomcat" password="s3cret" roles="manager-gui"/>
> >> <user username="admin" password="" roles="manager"/>
> >> <user username="tomee" password="tomee" roles="tomee-admin" />
> >> HTTP Status 403 – Forbidden
> >> ------------------------------
> >>
> >> *Type* Status Report
> >>
> >> *Message* Access to the requested resource has been denied
> >>
> >> *Description* The server understood the request but refuses to
> >> authorize it.
> >> ------------------------------
> >> Apache Tomcat/9.0.37
> >>
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
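
The role and CSRF rules quoted from the 403 page above can be checked mechanically against a tomcat-users.xml. The following is an added example, not part of the thread and not Tomcat's own code; the sample file is constructed from the entries quoted in this thread, and the "deploy" user, the finding names and the function name are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the <user> entries quoted in this thread, wrapped in the
# <tomcat-users> root element that a real tomcat-users.xml has, plus one
# hypothetical "deploy" user that mixes GUI and script roles.
SAMPLE = """<tomcat-users xmlns="http://tomcat.apache.org/xml">
  <role rolename="manager-gui"/>
  <role rolename="tomee-admin"/>
  <user username="tomcat" password="s3cret" roles="manager-gui"/>
  <user username="admin" password="" roles="manager"/>
  <user username="tomee" password="tomee" roles="tomee-admin"/>
  <user username="deploy" password="Xq7-constructed-9vL"
        roles="manager-gui,manager-script"/>
</tomcat-users>"""

NON_CSRF_ROLES = {"manager-script", "manager-jmx"}  # text and JMX interfaces
SAMPLE_PASSWORDS = {"s3cret"}                       # value printed on the 403 page


def audit_tomcat_users(xml_text):
    """Return sorted (username, finding) pairs for the <user> entries."""
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        if elem.tag.rsplit("}", 1)[-1] != "user":   # ignore the XML namespace
            continue
        name = elem.get("username", "")
        password = elem.get("password", "")
        roles = {r.strip() for r in elem.get("roles", "").split(",") if r.strip()}
        if not password:
            findings.append((name, "empty-password"))
        elif password == name or password in SAMPLE_PASSWORDS:
            findings.append((name, "guessable-password"))
        if "manager" in roles:
            # Tomcat 7+ replaced this single role with the four manager-* roles.
            findings.append((name, "legacy-manager-role"))
        if "manager-gui" in roles and roles & NON_CSRF_ROLES:
            # Mixing these roles defeats the HTML interface's CSRF protection.
            findings.append((name, "gui-role-mixed-with-non-csrf-role"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in audit_tomcat_users(SAMPLE):
        print(f"{user}: {finding}")
```
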

RE: Login appears only once

Posted by jo...@wellsfargo.com.INVALID.
I was going to say it sounds like a persistent cookie...


Jon McAlexander

-----Original Message-----
From: Mark Thomas <ma...@apache.org> 
Sent: Tuesday, August 18, 2020 1:57 PM
To: users@tomcat.apache.org
Subject: Re: Login appears only once

On 18/08/2020 19:45, Anwar AliKhan wrote:
> I rebooted the machine , then the login box appeared .
> Obviously this is not an ideal solution!

Did you close the browser between tests?

Mark


> On Tue, 18 Aug 2020, 19:07 Anwar AliKhan, <an...@gmail.com> wrote:
> 
>> Hi,
>> I deployed an app called tomee using the tomcat manager app.
>>
>> The first time I selected the app in the tomcat manager to run it.
>> a login appeared asking for username and password.
>>
>> I had not set it up. So it took me to the 403  page .
>>
>> Now I have set  up tomee-admin user.
>>
>> I stopped restarted tomcat for it to register the contents of 
>> tomcat-users.xml I no longer get the login Box. It goes straight to 
>> the 403 page.
>>
>> *what is the problem ? Thanks for your help*
>>
>>
>>
>> <role rolename="manager-gui"/>
>> <!-- Activate/create these lines to get access to TomEE GUI -->
>> <role rolename="tomee-admin" />
>> <user username="tomcat" password="s3cret" roles="manager-gui"/>
>> <user username="admin" password="" roles="manager"/>
>> <user username="tomee" password="tomee" roles="tomee-admin" />
>> HTTP Status 403 – Forbidden
>> ------------------------------
>>
>> *Type* Status Report
>>
>> *Message* Access to the requested resource has been denied
>>
>> *Description* The server understood the request but refuses to 
>> authorize it.
>> ------------------------------
>> Apache Tomcat/9.0.37
>>
> 




Re: Login appears only once

Posted by Mark Thomas <ma...@apache.org>.
On 18/08/2020 19:45, Anwar AliKhan wrote:
> I rebooted the machine , then the login box appeared .
> Obviously this is not an ideal solution!

Did you close the browser between tests?

Mark


> On Tue, 18 Aug 2020, 19:07 Anwar AliKhan, <an...@gmail.com> wrote:
> 
>> Hi,
>> I deployed an app called tomee using the tomcat manager app.
>>
>> The first time I selected the app in the tomcat manager to run it.
>> a login appeared asking for username and password.
>>
>> I had not set it up. So it took me to the 403  page .
>>
>> Now I have set  up tomee-admin user.
>>
>> I stopped restarted tomcat for it to register the contents of
>> tomcat-users.xml
>> I no longer get the login Box. It goes straight to the 403 page.
>>
>> *what is the problem ? Thanks for your help*
>>
>>
>>
>> <role rolename="manager-gui"/>
>> <!-- Activate/create these lines to get access to TomEE GUI -->
>> <role rolename="tomee-admin" />
>> <user username="tomcat" password="s3cret" roles="manager-gui"/>
>> <user username="admin" password="" roles="manager"/>
>> <user username="tomee" password="tomee" roles="tomee-admin" />
>> HTTP Status 403 – Forbidden
>> ------------------------------
>>
>> *Type* Status Report
>>
>> *Message* Access to the requested resource has been denied
>>
>> *Description* The server understood the request but refuses to authorize
>> it.
>> ------------------------------
>> Apache Tomcat/9.0.37
>>
> 




Re: Login appears only once

Posted by Christopher Schultz <ch...@christopherschultz.net>.
Anwar,

On 8/18/20 14:45, Anwar AliKhan wrote:
> I rebooted the machine , then the login box appeared . Obviously
> this is not an ideal solution!

Which machine did you reboot? The Tomcat server or your own client
(browser)? Neither was necessary to get a login page.

Was the password you entered into tomcat-users.xml the same one you
provided when you first entered your username and password?

Sometimes, browsers don't bother to re-request pages when they think
they know the answer to the query (403). So maybe this was a
browser-cache issue? SHIFT-CTRL-R / SHIFT-CMD-R to fully-reload maybe?

-chris

> On Tue, 18 Aug 2020, 19:07 Anwar AliKhan,
> <an...@gmail.com> wrote:
>
>> Hi, I deployed an app called tomee using the tomcat manager app.
>>
>> The first time I selected the app in the tomcat manager to run
>> it. a login appeared asking for username and password.
>>
>> I had not set it up. So it took me to the 403  page .
>>
>> Now I have set  up tomee-admin user.
>>
>> I stopped restarted tomcat for it to register the contents of
>> tomcat-users.xml I no longer get the login Box. It goes straight
>> to the 403 page.
>>
>> *what is the problem ? Thanks for your help*
>>
>>
>>
>> <role rolename="manager-gui"/>
>> <!-- Activate/create these lines to get access to TomEE GUI -->
>> <role rolename="tomee-admin" />
>> <user username="tomcat" password="s3cret" roles="manager-gui"/>
>> <user username="admin" password="" roles="manager"/>
>> <user username="tomee" password="tomee" roles="tomee-admin" />
>> HTTP Status 403 – Forbidden
>> ------------------------------
>>
>> *Type* Status Report
>>
>> *Message* Access to the requested resource has been denied
>>
>> *Description* The server understood the request but refuses to
>> authorize it.
>> ------------------------------
>> Apache Tomcat/9.0.37
>>
>


Re: Login appears only once

Posted by Anwar AliKhan <an...@gmail.com>.
I rebooted the machine, then the login box appeared.
Obviously this is not an ideal solution!



On Tue, 18 Aug 2020, 19:07 Anwar AliKhan, <an...@gmail.com> wrote:

> Hi,
> I deployed an app called tomee using the tomcat manager app.
>
> The first time I selected the app in the tomcat manager to run it.
> a login appeared asking for username and password.
>
> I had not set it up. So it took me to the 403  page .
>
> Now I have set  up tomee-admin user.
>
> I stopped restarted tomcat for it to register the contents of
> tomcat-users.xml
> I no longer get the login Box. It goes straight to the 403 page.
>
> *what is the problem ? Thanks for your help*
>
>
>
> <role rolename="manager-gui"/>
> <!-- Activate/create these lines to get access to TomEE GUI -->
> <role rolename="tomee-admin" />
> <user username="tomcat" password="s3cret" roles="manager-gui"/>
> <user username="admin" password="" roles="manager"/>
> <user username="tomee" password="tomee" roles="tomee-admin" />
> HTTP Status 403 – Forbidden
> ------------------------------
>
> *Type* Status Report
>
> *Message* Access to the requested resource has been denied
>
> *Description* The server understood the request but refuses to authorize
> it.
> ------------------------------
> Apache Tomcat/9.0.37
>