Tomcat 9訪問 Host Manager

 

Tomcat 9訪問 Host Manager

標籤： tomcat host manager

2017年03月15日 10:46:392030人閱讀 評論(0) 收藏 舉報

 分類：

tomcat

版權聲明：本文爲博主原創文章，未經博主容許不得轉載。 https://blog.csdn.net/so_geili/article/details/62216478

第一步：下載tomcat。

因爲機器環境是win7 旗艦版 64位，因此選擇下載64-bit windows .zip。

Tomcat 9.0是綠色版，解壓完成就可使用。在tomcat主目錄下的bin目錄中，雙擊startup.bat文件就可以啓動tomcat服務。而後在瀏覽器的地址欄中輸入： localhost:8080，回車。成功訪問tomcat。效果以下：

可以清楚的看到，有三個能夠訪問的連接。點擊時須要用戶名和密碼。如今沒法訪問。

• Server Status
• Manager App
• Host Manager

 

第二步：配置tomcat-users.xml 文件

在主目錄的cong文件夾下找到tomcat-users.xml 文件中配置用戶角色：

針對第三個按鈕「Host Manager」，配置角色時必定把角色配全。修改tomcat-users.xml 文件，加入以下代碼：

 

[html] view plain copy

1. <role rolename="admin-gui"/>  
2. <role rolename="manager-gui"/>    
3. <user username="tomcat" password="s3cret" roles="admin-gui,manager-gui"/>  

配置tomcat-users.xml文件後，從新啓動tomcat服務。在瀏覽器的地址欄中輸入： localhost:8080，回車。成功訪問tomcat，點擊要訪問的 「Host Manager」在彈出的「身份驗證」框中輸入用戶名：tomcat，密碼：s3cret，點擊登陸按鈕。效果以下：

而後就能夠順利訪問「Host  Manager」了。

如下內容能夠忽略。

--------------------------------------------------------------------------------------------------

 

• Server Status
• Manager App
• Host Manager

 

• 前兩個按鈕和manager相關，具體角色名爲
  • manager-gui - allows access to the HTML GUI and the status pages
  • manager-script - allows access to the text interface and the status pages
  • manager-jmx - allows access to the JMX proxy and the status pages
  • manager-status - allows access to the status pages only
• 第三個按鈕和admin相關，具體角色名爲
  •     admin-gui - allows access to the HTML GUI and the status pages
  •     admin-script - allows access to the text interface and the status pages

因此在 tomcat-users.xml 若是不注重安全性，只是測試用的話，對應部分能夠簡單地寫成下面這個樣子：

---------------------------------

  <role rolename="admin"/>
  <role rolename="manager-script"/>
  <role rolename="manager-gui"/>
  <role rolename="manager-jmx"/>
  <role rolename="manager-status"/>
  <role rolename="admin-gui"/>
  <role rolename="admin-script"/>

  <user username="admin" password="admin" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-gui,admin-script"/>

---------------------------------

 

不少網頁沒說到第三個按鈕針對的角色。不添加admin-gui和admin-script的話，第三個按鈕就會出現訪問被拒絕的問題（access denied ....）。

詳細說明能夠參考 Tomcat 的文檔（http://tomcat.apache.org/migration.html#Manager_application）：

 

Manager application

The Manager application has been re-structured for Tomcat 7 onwards and some URLs have changed. All URLs used to access the Manager application should now start with one of the following options: <ContextPath>/html for the HTML GUI <ContextPath>/text for the text interface <ContextPath>/jmxproxy for the JMX proxy <ContextPath>/status for the status pages Note that the URL for the text interface has changed from "<ContextPath>" to "<ContextPath>/text". The roles required to use the Manager application were changed from the singlemanager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access. manager-gui - allows access to the HTML GUI and the status pages manager-script - allows access to the text interface and the status pages manager-jmx - allows access to the JMX proxy and the status pages manager-status - allows access to the status pages only The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection: users with the manager-gui role should not be granted either the manager-script ormanager-jmx roles. if the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session. The roles command has been removed from the Manager application since it did not work with the default configuration and most Realms do not support providing a list of roles.

Host Manager application

The Host Manager application has been re-structured for Tomcat 7 onwards and some URLs have changed. All URLs used to access the Host Manager application should now start with one of the following options: <ContextPath>/html for the HTML GUI <ContextPath>/text for the text interface Note that the URL for the text interface has changed from "<ContextPath>" to "<ContextPath>/text". The roles required to use the Host Manager application were changed from the singleadmin role to the following two roles. You will need to assign the role(s) required for the functionality you wish to access. admin-gui - allows access to the HTML GUI and the status pages admin-script - allows access to the text interface and the status pages The HTML interface is protected against CSRF but the text interface is not. To maintain the CSRF protection: users with the admin-gui role should not be granted the admin-script role. if the text interface is accessed through a browser (e.g. for testing since this inteface is intended for tools not humans) then the browser must be closed afterwards to terminate the session.