You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2010/05/23 12:41:25 UTC

svn commit: r947395 - in /tomcat/trunk/webapps/manager: 403.jsp WEB-INF/web.xml

Author: markt
Date: Sun May 23 10:41:25 2010
New Revision: 947395

URL: http://svn.apache.org/viewvc?rev=947395&view=rev
Log:
Add a 403 page. If the user tries to use the old manager role, they'll get a 403.

Added:
    tomcat/trunk/webapps/manager/403.jsp   (with props)
Modified:
    tomcat/trunk/webapps/manager/WEB-INF/web.xml

Added: tomcat/trunk/webapps/manager/403.jsp
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/403.jsp?rev=947395&view=auto
==============================================================================
--- tomcat/trunk/webapps/manager/403.jsp (added)
+++ tomcat/trunk/webapps/manager/403.jsp Sun May 23 10:41:25 2010
@@ -0,0 +1,71 @@
+<%--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+--%>
+<%
+  response.setHeader("WWW-Authenticate", "Basic realm=\"Tomcat Manager Application\"");
+%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+ <head>
+  <title>403 Access Denied</title>
+  <style type="text/css">
+    <!--
+    BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;font-size:12px;}
+    H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
+    PRE, TT {border: 1px dotted #525D76}
+    A {color : black;}A.name {color : black;}
+    -->
+  </style>
+ </head>
+ <body>
+   <h1>403 Access Denied</h1>
+   <p>
+    You are not authorized to view this page. If you have not changed
+    any configuration files, please examine the file
+    <tt>conf/tomcat-users.xml</tt> in your installation. That
+    file must contain the credentials to let you use this webapp.
+   </p>
+   <p>
+    For example, to add the <tt>manager-gui</tt> role to a user named
+    <tt>tomcat</tt> with a password of <tt>s3cret</tt>, add the following to the
+    config file listed above.
+   </p>
+<pre>
+&lt;role rolename="manager-gui"/&gt;
+&lt;user username="tomcat" password="s3cret" roles="manager-gui"/&gt;
+</pre>
+   <p>
+    Note that for Tomcat 7 onwards, the roles required to use the manager
+    application were changed from the single <tt>manager</tt> role to the
+    following four roles. You will need to assign the role(s) required for
+    the functionality you wish to access.
+   </p>
+    <ul>
+      <li><tt>manager-gui</tt> - allows access to the HTML GUI and the status
+          pages</li>
+      <li><tt>manager-script</tt> - allows access to the text interface and the
+          status pages</li>
+      <li><tt>manager-jmx</tt> - allows access to the JMX proxy and the status
+          pages</li>
+      <li><tt>manager-status</tt> - allows access to the status pages only</li>
+    </ul>
+   <p>
+    For more information - please see the
+    <a href="/docs/manager-howto.html">Manager App HOW-TO</a>.
+   </p>
+ </body>
+
+</html>

Propchange: tomcat/trunk/webapps/manager/403.jsp
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: tomcat/trunk/webapps/manager/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/WEB-INF/web.xml?rev=947395&r1=947394&r2=947395&view=diff
==============================================================================
--- tomcat/trunk/webapps/manager/WEB-INF/web.xml (original)
+++ tomcat/trunk/webapps/manager/WEB-INF/web.xml Sun May 23 10:41:25 2010
@@ -176,6 +176,10 @@
     <location>/401.jsp</location>
   </error-page>
   <error-page>
+    <error-code>403</error-code>
+    <location>/403.jsp</location>
+  </error-page>
+  <error-page>
     <error-code>404</error-code>
     <location>/404.jsp</location>
   </error-page>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org