cancel
Showing results for 
Search instead for 
Did you mean: 

Unable to access tomcat manager

soumyakarmakar
Champ in-the-making
Champ in-the-making
Hi,
    I am able  to access the tomcat at http://10.129.151.171:8080
but not able login to Tomcat Manager with username tomcat and passwd tomcat.

The tomcat configuration file is as below:-

[root@dms ]# cat /opt/alfresco-4.0.d/tomcat/conf/tomcat-users.xml
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="manager"/>
<user username="tomcat" password="root123" roles="manager"/>
</tomcat-users>

Thanks,
Som.
10 REPLIES 10

jpotts
World-Class Innovator
World-Class Innovator
This is unlikely to be caused by something Alfresco-specific. Perhaps try an Apache Tomcat forum?

Also, in case it helps, I added the role and user to my tomcat-users.xml exactly as you've specified and it worked fine for me.

Good luck!

Jeff

mitpatoliya
Star Collaborator
Star Collaborator
your configuration is showing the password is root123. Smiley Happy
Try with that.This is the only configuration you require for the tomcat manger.
You should be able to access that.

munro43
Champ in-the-making
Champ in-the-making
Hi,

Please have a look at:
https://forums.alfresco.com/en/viewtopic.php?f=8&t=42597

Regards and thanks
Ronald Munjoma

muralidharand
Star Contributor
Star Contributor
Hi all,
I'm also facing the same issue with tomcat with alfresco 4.0.2 enterprise edition trial.

Here is my tomcat-user.xml

<role rolename="manager"/>
  <role rolename="manager-gui"/>
  <user username="admin" password="admin" roles="manager,manager-gui"/>
 
  <user username="tomcat" password="root123" roles="manager"/>
  <user username="CN=Alfresco Repository Client, OU=Unknown, O=Alfresco Software Ltd., L=Maidenhead, ST=UK, C=GB" roles="repoclient" password="null"/>
  <user username="CN=Alfresco Repository, OU=Unknown, O=Alfresco Software Ltd., L=Maidenhead, ST=UK, C=GB" roles="repository" password="null"/>


I tried with both admin and tocmat users and nothing worked out.
Please help me.

muralidharand
Star Contributor
Star Contributor
I found a workaround for this (ie) skipping the authentication part.
Don't try this in your production environment.
Go to alfresco/tomcat/webapps/manager/web-inf/web.xml file.

Comment out the <security-constraint> as mentioned below.

Restart your tomcat.

Now you should be able to access tomcat manager application without any authentication.


<!– Define a Security Constraint on this Application –>
  <!– <security-constraint>
    <web-resource-collection>
      <web-resource-name>Manager commands</web-resource-name>
      <url-pattern>/list</url-pattern>
      <url-pattern>/expire</url-pattern>
      <url-pattern>/sessions</url-pattern>
      <url-pattern>/start</url-pattern>
      <url-pattern>/stop</url-pattern>
      <url-pattern>/install</url-pattern>
      <url-pattern>/remove</url-pattern>
      <url-pattern>/deploy</url-pattern>
      <url-pattern>/undeploy</url-pattern>
      <url-pattern>/reload</url-pattern>
      <url-pattern>/save</url-pattern>
      <url-pattern>/serverinfo</url-pattern>
      <url-pattern>/roles</url-pattern>
      <url-pattern>/resources</url-pattern>
      <url-pattern>/findleaks</url-pattern>
    </web-resource-collection>
    <auth-constraint>
       
       <role-name>manager-script</role-name>
       <role-name>manager</role-name>
    </auth-constraint>
  </security-constraint>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HTML Manager commands</web-resource-name>
      <url-pattern>/html/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
     
       <role-name>manager-gui</role-name>
       <role-name>manager</role-name>
    </auth-constraint>
  </security-constraint>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>JMX proxy</web-resource-name>
      <url-pattern>/jmxproxy/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      
       <role-name>manager-jmx</role-name>
       <role-name>manager</role-name>
    </auth-constraint>
  </security-constraint>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Status</web-resource-name>
      <url-pattern>/status/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      
       <role-name>manager-status</role-name>
       <role-name>manager-gui</role-name>
       <role-name>manager-script</role-name>
       <role-name>manager-jmx</role-name>
       <role-name>manager</role-name>
    </auth-constraint>
  </security-constraint>–>


Hope this helps someone.

mike69d
Champ in-the-making
Champ in-the-making
I've got a better(IMHO) solution:

in alfresco/tomcat/conf/Catalina/localhost/manager.xml change the default <Context> element to the following:

<Context antiResourceLocking="false" privileged="true" useHttpOnly="true" override="true">
  <Valve className="org.apache.catalina.authenticator.BasicAuthenticator" securePagesWithPragma="false" />
</Context>

This would replace SSLAuthenticator with BasicAuthenticator just for the manager application while keeping it for the rest of the site, which should still keep the IE7&8 SSL download bug fixed.

Do the same for host-manager.xml if needed.

maeschenbrenner
Champ in-the-making
Champ in-the-making
HI

I'm using Alfresco Enterprise 4.1 vith Tomcat 6.0.35 and apply the folowing tomcat-user.xml content to make it work.

<tomcat-users>
<role rolename="manager-gui"/>
<role rolename="manager-status"/>
<role rolename="manager-jmx"/>
<role rolename="manager-script"/>

  <user username="CN=Alfresco Repository Client, OU=Unknown, O=Alfresco Software Ltd., L=Maidenhead, ST=UK, C=GB" roles="repoclient" password="null"/>
  <user username="CN=Alfresco Repository, OU=Unknown, O=Alfresco Software Ltd., L=Maidenhead, ST=UK, C=GB" roles="repository" password="null"/>
  <user username="admin" roles="admin" password="admin"/>
  <user username="manager" roles="manager,manager-gui,manager-status" password="manager"/>
  <user username="manager2" roles="manager-jmx,manager-script" password="manager"/>

</tomcat-users>
Hope it can help…

The previous indications makes "admin" and "manager"s accounts work fine but Alfresco accounts do not work anymore…

Seams that syntaxe used for alfresco users (CN=…, OU=… etc) does not accept role definitions.

My workaround : I have 2 config files. One is used for admin needs while users cannot access alfresco.

This is Ok only for Test, demos etc.

Does anyone get a solution allowing both profiles?

Thanks,

muralidharand
Star Contributor
Star Contributor
I tried the same thing before coming to alfresco forum in alfresco 4.0.2.
Let me check once again with 4.1.