Apache Tomcat manager Apps Forbidden error

             Apache Tomcat manager Apps Forbidden error

When we install Apache tomcat on the server and try to access manager gui apps . It doesn’t allow access and gives forbidden error. It indicate that either you typed 3+ incorrect credentials (try another web-browser) or you’ve some problem with configuration.

To resolve this issue we need to do below changes in Apache tomcat configuration files.

  1. Create user role to access tomcat manager web apps.

You can find the role names in the web.xml file of the Manager web application. The available roles are:

  • manager-gui — Access to the HTML interface.
  • manager-status — Access to the “Server Status” page only.
  • manager-script — Access to the tools-friendly plain text interface.
  • manager-jmx — Access to JMX proxy interface and to the “Server Status” page.

please examine the file conf/tomcat-users.xml , to add the manager-gui role to a user named admin with a password of sun123, add the following to the config file as below…

 <role rolename=”manager-gui”/>

<user username=”admin” password=”sun123″ roles=”manager-gui”/>

forbiden_html_dd9ef0f

 

2) When we install Apache Tomcat, manager web apps only accessible for localhost(127.0.0.1). So enable access for particular IP or IP range in your network.

# Edit conext.xml file and make configuration changes as below:

Add your machine IP address..Here in example I have added my machine IP address(172.16.60.120)

# vi webapps/manager/META-INF/context.xml

<Context antiResourceLocking=”false” privileged=”true” >

<Valve className=”org.apache.catalina.valves.RemoteAddrValve”

allow=”172\.16\.60\.120|127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1″ />

</Context>

forbiden_html_288456f2

Once above configuration changes done shutdown and start Tomcat service.

# cd bin/

# sh shutdown.sh

# sh startup.sh

Now when you access manager web apps .It will ask you user login credentials.

forbiden_html_449c97f7

 

 

Leave a comment

Your email address will not be published.


*