Java 将war文件上载到tomcat8时,获取403访问被拒绝错误
我可以登录并访问管理器页面,但当我尝试上载war文件时失败,出现403错误。我已经在tomcat-users.xml中添加了权限,以下是相关行:Java 将war文件上载到tomcat8时,获取403访问被拒绝错误,java,tomcat8,Java,Tomcat8,我可以登录并访问管理器页面,但当我尝试上载war文件时失败,出现403错误。我已经在tomcat-users.xml中添加了权限,以下是相关行: <user username="admin" password="password123" roles="admin,manager-gui,admin-gui"/> /usr/share/tomcat8 admin/manager/META-INF/context.xml中的Valve类已经被注释掉了 <Context ant
<user username="admin" password="password123" roles="admin,manager-gui,admin-gui"/>
<Context antiResourceLocking="false" privileged="true" >
<!--
Remove the comment markers from around the Valve below to limit access to
the host-manager application to clients connecting from localhost
-->
<!--
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>
403 Access Denied
You are not authorized to view this page.
If you have already configured the Manager application to allow access and you have used your browsers back button, used a saved book-mark or similar then you may have triggered the cross-site request forgery (CSRF) protection that has been enabled for the HTML interface of the Manager application. You will need to reset this protection by returning to the main Manager page. Once you return to this page, you will be able to continue using the Manager appliction's HTML interface normally. If you continue to see this access denied message, check that you have the necessary permissions to access this application.
If you have not changed any configuration files, please examine the file conf/tomcat-users.xml in your installation. That file must contain the credentials to let you use this webapp.
For example, to add the manager-gui role to a user named tomcat with a password of s3cret, add the following to the config file listed above.
<role rolename="manager-gui"/>
<user username="tomcat" password="s3cret" roles="manager-gui"/>
Note that for Tomcat 7 onwards, the roles required to use the manager application were changed from the single manager role to the following four roles. You will need to assign the role(s) required for the functionality you wish to access.
manager-gui - allows access to the HTML GUI and the status pages
manager-script - allows access to the text interface and the status pages
manager-jmx - allows access to the JMX proxy and the status pages
manager-status - allows access to the status pages only
The HTML interface is protected against CSRF but the text and JMX interfaces are not. To maintain the CSRF protection:
Users with the manager-gui role should not be granted either the manager-script or manager-jmx roles.
If the text or jmx interfaces are accessed through a browser (e.g. for testing since these interfaces are intended for tools not humans) then the browser must be closed afterwards to terminate the session.
For more information - please see the Manager App HOW-TO.
403访问被拒绝
您无权查看此页面。
如果您已经将Manager应用程序配置为允许访问,并且使用了浏览器后退按钮、已保存的图书标记或类似功能,则可能触发了已为Manager应用程序的HTML界面启用的跨站点请求伪造(CSRF)保护。您需要通过返回到主管理器页面来重置此保护。返回此页面后,您将能够继续正常使用Manager应用程序的HTML界面。如果继续看到此拒绝访问消息,请检查您是否具有访问此应用程序所需的权限。
如果尚未更改任何配置文件,请检查安装中的conf/tomcat-users.xml文件。该文件必须包含允许您使用此webapp的凭据。
例如,要向名为tomcat、密码为s3cret的用户添加manager gui角色,请将以下内容添加到上面列出的配置文件中。
请注意,对于Tomcat7以后的版本,使用manager应用程序所需的角色已从单个manager角色更改为以下四个角色。您需要为希望访问的功能分配所需的角色。
manager gui-允许访问HTML gui和状态页面
管理器脚本-允许访问文本界面和状态页面
manager jmx-允许访问jmx代理和状态页面
管理器状态-仅允许访问状态页面
HTML接口受CSRF保护,但文本和JMX接口不受保护。要维护CSRF保护,请执行以下操作:
具有manager gui角色的用户不应被授予manager脚本或manager jmx角色。
如果通过浏览器访问文本或jmx接口(例如,用于测试,因为这些接口用于工具而非人类),则随后必须关闭浏览器以终止会话。
有关更多信息,请参阅Manager应用程序指南。
chown -R root test
别忘了看一下日志。我得到了完全相同的异常,但根本原因是:超过了最大文件大小
HTMLManager: FAIL - Deploy Upload Failed, Exception: org.apache.tomcat.util.http.fileupload.FileUploadBase$SizeLimitExceededException:
the request was rejected because its size (54463322) exceeds the configured maximum (52428800)
找到了一个解决办法。将war文件手动复制到/var/lib/tomcat8/webapps文件夹中是可行的。然后我可以从tomcat管理器启动应用程序。我遇到了同样的问题。谢谢