403 access denied on tomcat 7.0.42

Remove the manager-script and add "manager-gui,manager-status".

To access the HTML interface, you need to have the manager-gui role, but you must NOT have the manager-script or manager-jmx roles.

<tomcat-users>
  <role rolename="manager-script"/>
  <role rolename="manager-gui"/>
  <role rolename="manager-jmx"/>
  <role rolename="manager-status"/>
  <user username="tomcat" password="tomcat" roles="manager-gui,manager-status"/>
</tomcat-users>

some information for you about roles from http://tomcat.apache.org/tomcat-7.0-doc/manager-howto.html

manager-gui — Access to the HTML interface.
manager-status — Access to the "Server Status" page only.
manager-script — Access to the tools-friendly plain text interface that is described in this document, and to the "Server Status" page.
manager-jmx — Access to JMX proxy interface and to the "Server Status" page.

Though the answer is already the correct answer, I think maybe someone will be confused about the usage of "manager-script".

The "manager-script" is for accessing the Tomcat Manager API without using Web pages.

For instance, the command below is for requesting undeploy function instead of clicking the undeploy button on Tomcat Manager web app.

curl http://localhost:8080/manager/text/undeploy?path=/app_name

403 access denied on tomcat 7.0.42

Tags:

Java

Apache

Tomcat

Netbeans

Related

Recent Posts