You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2018/09/13 09:27:38 UTC

[Bug 62714] 403 access denied connection reset and csrf for new install after creating user

https://bz.apache.org/bugzilla/show_bug.cgi?id=62714

Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID
                 OS|                            |All

--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Look in the log files. In a default install
$CATALINA_BADE/logs/manager.yyyy-mm-dd.log will contain the error message and
associated stack trace.

Tomcat is also sending an appropriate HTTP response (including a helpful error
message) to the client. This has been confirmed with Wireshark. That the user
agent fails to display it is an issue with the user agent, not with Tomcat.

Tomcat's behaviour when you try and reload is also correct. The CSRF protection
engages and the appropriate error page is returned to the user agent.

If you follow the installation documentation for OpenMaint you won't hit this
issue as the OpenMaint installation documentation uses a different deployment
method (direct copying on the file system).

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org