Tomcat8远程访问manager,host-manager被拒绝403

时间:2021-03-27 08:28:16

Tomcat部署在服务器之后在服务器本地访问manager和host-manager成功(即127.0.0.1:8080或者localhost:8080),但使用测试主机访问tomcat的manager和host-manager时候,提示403,及如下页面Tomcat8远程访问manager,host-manager被拒绝403

首先需要修改tomcat/conf/tomcat-users.xml的用户权限修改为:

<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="admin" password="1234" roles="admin-gui,manager-gui"/>

其次修改tomcat/webapps/host-manager/META-INF/context.xml和tomcat/webapps/manager/META-INF/context.xml,原始代码为:

<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
<Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilter\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/>
</Context>

修改为:

<Context antiResourceLocking="false" privileged="true" >
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="^.*$" />
<Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilter\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/>
</Context>

修改完成后不用重启tomcat,再进行远程访问,即可