5

I am unable to view the server status and Manager App page in Tomcat.

enter image description here

Though I configured the username and password in tomcat-users.xml,it doesn't accept the combination and shows this message :

401 Unauthorized

You are not authorized to view this page. If you have not changed any configuration  files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.

For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.

<role rolename="manager-gui"/>
<user username="tomcat" password="s3cret" roles="manager-gui"/>

Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.

manager-gui - allows access to the HTML GUI and the status pages
manager-script - allows access to the text interface and the status pages
manager-jmx - allows access to the JMX proxy and the status pages
manager-status - allows access to the status pages only

The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:

Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.
If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.

I edited tomcat-users.xml as :

  <tomcat-users>
  <role rolename="admin"/>
  <role rolename="admin-gui"/>
  <role rolename="manager"/>
  <role rolename="manager-gui"/>
  <user username="suhail" password="suhail" roles="admin,admin-gui,manager,manager-gui"/>
  </tomcat-users>

I put the username and password as suhail. Why doesn't it accept the combination ?

Suhail Gupta
  • 22,386
  • 64
  • 200
  • 328
  • Try this http://stackoverflow.com/a/11080899/1140748 – alain.janinm Jul 23 '12 at 11:34
  • @alain.janinm I am having the same problem . My `tomcat-users.xml` looks like [this] [This is what my tomcat-users.xml looks like](http://i48.tinypic.com/5eifr7.jpg)) – Suhail Gupta Jul 23 '12 at 12:03
  • Maybe you have an other application already running on the same port as Tomcat. Try to change the port of tomcat (8081 for example). Or kill the process running at port 8080. You can find if something is running on a port using `sudo netstat -lnp | grep `(ubuntu). – alain.janinm Jul 23 '12 at 12:16
  • @alain.janinm Can you tell the same for windows ? – Suhail Gupta Jul 23 '12 at 12:18
  • No sorry I never use Windows. Just try to change Tomcat port it's easier (in server.xml). – alain.janinm Jul 23 '12 at 12:21
  • For Windows: `netstat -ano` See if port 8080 is being used. – Hoogles Jul 23 '12 at 13:38
  • @alain.janinm Though the port 8080 was free,still I changed it to 8081.But I doesn't accept the combination – Suhail Gupta Jul 23 '12 at 13:49
  • @SuhailGupta Are you sure the tomcat-users.xml you've edited is in the folder referenced by $CATALINA_HOME? – alain.janinm Jul 23 '12 at 14:30
  • Check to see if your server.xml file is pointing to your tomcat-users.xml file properly. You should have the realm defined like this: `` and under you should have something like this: `` – Hoogles Jul 23 '12 at 14:38
  • @alain.janinm yes ! I spotted the problem. See my answer :) – Suhail Gupta Jul 23 '12 at 15:49
  • in my case i had tomcat server installation and netbeans tomcat so i was accessing the wrong port thats why the password is wrong always so i opened server.xml and made sure of the install directory and port of tomcat – shareef Jun 29 '14 at 07:10

6 Answers6

6

I also struggled a lot. This one worked for me. Copy paste the below to tomcat-users.xml

<?xml version='1.0' encoding='utf-8'?>

<tomcat-users>
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="role1" password="tomcat" roles="role1"/>
 -->
<role rolename="manager-gui" />
<user username="jeril" password="1" roles="manager-gui"/>
</tomcat-users>
Jeril Kuruvila
  • 17,190
  • 1
  • 20
  • 23
2

add the below line in your tomcat-users.xml to check server status and manager app.

<user username="username" password="password" roles="admin-gui,manager-gui"/>
Koti
  • 131
  • 4
0

copy paste below lines in your tomcat-user.xml and change the username and password

 <?xml version='1.0'?>
 <tomcat-users>
       <user name="username" password="password" roles="admin-gui,manager-gui" />
 </tomcat-users>

restart tomcat

Koti
  • 131
  • 4
amicngh
  • 7,831
  • 3
  • 35
  • 54
0

I was starting the server Tomcat from my IDE (Netbeans). So,I had to change the configuration from Netbeans settings :

enter image description here

Now it works as expected !

Suhail Gupta
  • 22,386
  • 64
  • 200
  • 328
0

This worked for me... you just have to watch out when you setting up your user roles. Some user roles can not use the same username.

For example:

Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles. If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.

Users with the admin-gui role should not be granted the admin-script role. If the text interface is accessed through a browser (e.g. for testing since this interface is intended for tools not humans) then the browser must be closed afterwards to terminate the session.

So this is what I did and I was able to view all three Server Status, Manager App, Host manager

I hope this help you..

<tomcat-users>
    <role rolename="admin-gui"/>
    <role rolename="manager-gui" />
    <user username="Your User Name" password="Your Password" roles="manager-gui, admin-gui"/>
</tomcat-users>

Make sure you shutdown tomcat and restart it again!!!

Eric Huang
  • 1,114
  • 3
  • 22
  • 43
0

FYI: I encountered the same 401 error (in Tomcat 7) but it was based on a completely different problem that stemmed from copying and pasting tomcat-users.xml definitions from the web: There are two types of double quotation marks (different Unicode characters) that look almost the same and therefore I overlooked this problem for hours!

One type of double quotation mark (the one that works) is the straight type " (Unicode character U+0022), the other one (that does not work) is the bent or curly or italic or 'right side' type ” (Unicode character U+201D).

My login worked flawlessly after replacing the incorrect double quotation marks with correct ones.

The clue that made me find this problem was looking at catalina.out that reported the following error (Note: In my tomcat-users.xml file, I deleted all commentary to make sure I was dealing with plain XML statements while isolating the problem): 

SEVERE: Parse Fatal Error at line 4 column 18: Open quote is expected for attribute "{1}" associated with an  element type  "rolename".

My login worked flawlessly after replacing the incorrect quotation marks.

nugai
  • 1