101 lines
		
	
	
		
			4.3 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			101 lines
		
	
	
		
			4.3 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| <%--
 | |
|   Licensed to the Apache Software Foundation (ASF) under one or more
 | |
|   contributor license agreements.  See the NOTICE file distributed with
 | |
|   this work for additional information regarding copyright ownership.
 | |
|   The ASF licenses this file to You under the Apache License, Version 2.0
 | |
|   (the "License"); you may not use this file except in compliance with
 | |
|   the License.  You may obtain a copy of the License at
 | |
| 
 | |
|       http://www.apache.org/licenses/LICENSE-2.0
 | |
| 
 | |
|   Unless required by applicable law or agreed to in writing, software
 | |
|   distributed under the License is distributed on an "AS IS" BASIS,
 | |
|   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | |
|   See the License for the specific language governing permissions and
 | |
|   limitations under the License.
 | |
| --%>
 | |
| <%@ page session="false" trimDirectiveWhitespaces="true" %>
 | |
| <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
 | |
| <html>
 | |
|  <head>
 | |
|   <title>403 Access Denied</title>
 | |
|   <style type="text/css">
 | |
|     <!--
 | |
|     BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;font-size:12px;}
 | |
|     H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
 | |
|     PRE, TT {border: 1px dotted #525D76}
 | |
|     A {color : black;}A.name {color : black;}
 | |
|     -->
 | |
|   </style>
 | |
|  </head>
 | |
|  <body>
 | |
|    <h1>403 Access Denied</h1>
 | |
|    <p>
 | |
|     You are not authorized to view this page.
 | |
|    </p>
 | |
|    <p>
 | |
|     By default the Manager is only accessible from a browser running on the
 | |
|     same machine as Tomcat. If you wish to modify this restriction, you'll need
 | |
|     to edit the Manager's <tt>context.xml</tt> file.
 | |
|    </p>
 | |
|    <p>
 | |
|     If you have already configured the Manager application to allow access and
 | |
|     you have used your browsers back button, used a saved book-mark or similar
 | |
|     then you may have triggered the cross-site request forgery (CSRF) protection
 | |
|     that has been enabled for the HTML interface of the Manager application. You
 | |
|     will need to reset this protection by returning to the
 | |
|     <a href="<%=request.getContextPath()%>/html">main Manager page</a>. Once you
 | |
|     return to this page, you will be able to continue using the Manager
 | |
|     application's HTML interface normally. If you continue to see this access
 | |
|     denied message, check that you have the necessary permissions to access this
 | |
|     application.
 | |
|    </p>
 | |
|    <p>
 | |
|     If you have not changed
 | |
|     any configuration files, please examine the file
 | |
|     <tt>conf/tomcat-users.xml</tt> in your installation. That
 | |
|     file must contain the credentials to let you use this webapp.
 | |
|    </p>
 | |
|    <p>
 | |
|     For example, to add the <tt>manager-gui</tt> role to a user named
 | |
|     <tt>tomcat</tt> with a password of <tt>s3cret</tt>, add the following to the
 | |
|     config file listed above.
 | |
|    </p>
 | |
| <pre>
 | |
| <role rolename="manager-gui"/>
 | |
| <user username="tomcat" password="s3cret" roles="manager-gui"/>
 | |
| </pre>
 | |
|    <p>
 | |
|     Note that for Tomcat 7 onwards, the roles required to use the manager
 | |
|     application were changed from the single <tt>manager</tt> role to the
 | |
|     following four roles. You will need to assign the role(s) required for
 | |
|     the functionality you wish to access.
 | |
|    </p>
 | |
|     <ul>
 | |
|       <li><tt>manager-gui</tt> - allows access to the HTML GUI and the status
 | |
|           pages</li>
 | |
|       <li><tt>manager-script</tt> - allows access to the text interface and the
 | |
|           status pages</li>
 | |
|       <li><tt>manager-jmx</tt> - allows access to the JMX proxy and the status
 | |
|           pages</li>
 | |
|       <li><tt>manager-status</tt> - allows access to the status pages only</li>
 | |
|     </ul>
 | |
|    <p>
 | |
|     The HTML interface is protected against CSRF but the text and JMX interfaces
 | |
|     are not. To maintain the CSRF protection:
 | |
|    </p>
 | |
|    <ul>
 | |
|     <li>Users with the <tt>manager-gui</tt> role should not be granted either
 | |
|         the <tt>manager-script</tt> or <tt>manager-jmx</tt> roles.</li>
 | |
|     <li>If the text or jmx interfaces are accessed through a browser (e.g. for
 | |
|         testing since these interfaces are intended for tools not humans) then
 | |
|         the browser must be closed afterwards to terminate the session.</li>
 | |
|    </ul>
 | |
|    <p>
 | |
|     For more information - please see the
 | |
|     <a href="/docs/manager-howto.html" rel="noopener noreferrer">Manager App How-To</a>.
 | |
|    </p>
 | |
|  </body>
 | |
| 
 | |
| </html>
 |