18

我正在尝试登录 tomcat manager 应用程序,但无法在 tomcat-users.xml 中成功创建登录用户。最初的内容是这样的:

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
--><tomcat-users>
<!--
  NOTE:  By default, no user is included in the "manager-gui" role required
  to operate the "/manager/html" web application.  If you wish to use this app,
  you must define such a user - the username and password are arbitrary.
-->
<!--
  NOTE:  The sample user and role entries below are wrapped in a comment
  and thus are ignored when reading this file. Do not forget to remove
  <!.. ..> that surrounds them.
-->
<!--
  <role rolename="tomcat"/>
  <role rolename="role1"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
  <user username="both" password="tomcat" roles="tomcat,role1"/>
  <user username="role1" password="tomcat" roles="role1"/>
-->
</tomcat-users>

在官方页面上阅读我这样修改了文件,但没有结果。

<?xml version="1.0" encoding="utf-8"?>
<tomcat-users>
  <role rolename="manager-gui"/>
  <role rolename="manager-status"/>
  <role rolename="manager-script"/>
  <role rolename="manager-jmx"/>
  <user username="admin" password="admin" roles="manager-gui"/>
</tomcat-users>
4

5 回答 5

31

看来这是正确的配置。注意不要用空格分隔角色!

<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users>  
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>
  <role rolename="manager-jmx"/>
  <role rolename="manager-status"/>
  <role rolename="admin-gui"/>
  <role rolename="admin-script"/>
  <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>
</tomcat-users>
于 2013-02-23T18:03:08.433 回答
9

接受的答案在一个细节上是错误的,但非常重要 - 管理员角色之间不应有任何空格,因为此列表应以逗号分隔(如此处指出的Tomcat 7 Manager can't login)。我只是遇到了同样的问题并以同样的方式解决了它。

所以,而不是这个(如一些答案中所建议的:

<user username="admin" password="admin" roles="manager-gui, manager-script, manager-jmx, manager-status, admin-gui, admin-script"/>

它必须是这样的:

  <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>

所以总的来说它应该是这样的:

<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users>
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>
  <role rolename="manager-jmx"/>
  <role rolename="manager-status"/>
  <role rolename="admin-gui"/>
  <role rolename="admin-script"/>
  <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>
</tomcat-users>
于 2014-06-09T10:52:04.363 回答
6

您不应将 manager-gui 角色与 manager-script 或 -jmx 角色结合使用,因为这会损害跨站点脚本保护。最后的经理角色不能像 gui 角色那样受到保护。

于 2013-07-31T14:10:38.523 回答
2

您是否在 conf 文件夹的 server.xml 中配置了数据库领域?默认 server.xml 已经设置了 UserDatabase 资源,因此如果您更改了该资源,那么无论您如何设置 tomcat-user xml,您都将无法进行身份验证。

在 conf/server.xml 文件中... 在 GlobalNamingResource 标记中定义一个 Resource 以使用 MemoryUserDatabaseFactory 并在您的 Engine 中定义一个 Realm 以使用 UserDatabaseRealm。只需打开原始 server.xml(我使用的是 tomcat 7.0.62)并搜索这些名称,您就会看到配置。根据您的应用和需求,您可能需要进行其他更改。

于 2015-09-18T18:43:11.843 回答
0

您已添加管理员角色用户以访问此功能。对于这个编辑tomcat-users.xml文件, apache-tomcat-7.0.56-windows-x64\apache-tomcat-7.0.56\conf如果你在 Windows 上。搜索<role rolename= >线。这可能会被评论。添加此代码:-

<role rolename="manager-gui"/>
<user username="your-user-name" password="your-password" roles="manager-gui,manager-script"/>
于 2014-12-09T05:34:22.463 回答