tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: tomcat admin console problem
Date Tue, 10 Feb 2009 16:25:08 GMT
Srinivas Jonnalagadda wrote:
> Mark,
> 
> Thanks very much. Once i commented the filter it worked. Here is what i have on my address
filter. though it was ridiculous that the same setting worked well on a windows machine this
did not work on solaris machine. 
> 
> <Context docBase="/apps/opt/tomcat/jakarta-tomcat-5.5.9/server/webapps/admin" pr
> ivileged="true"
>          antiResourceLocking="false" antiJARLocking="false">
>  
>   <!-- Uncomment this Valve to limit access to the Admin app to localhost
>    for obvious security reasons. Allow may be a comma-separated list of
>    hosts (or even regular expressions).
>   <Valve className="org.apache.catalina.valves.RemoteAddrValve"
>     allow="127.0.0.1,192.168.0.10"/>-->

Those aren't valid regular expressions. (We may need to fix the example in the
Admin app.) The allow attribute should be:

allow="127\.0\.0\.1,192\.168\.0\.10"

Before you do that though, turn on access logging and check that the requests
are coming from the IP address you think they are.

Mark


>  
> </Context>
> 
> Thanks,
> Srinivas Jonnalagadda
> 
> 
> -----Original Message-----
>> From: Mark Thomas <markt@apache.org>
>> Sent: Feb 10, 2009 7:19 AM
>> To: Tomcat Users List <users@tomcat.apache.org>
>> Subject: Re: tomcat admin console problem
>>
>> Srinivas Jonnalagadda wrote:
>>> Hi,
>>>
>>> I am getting the "Access to the specified resource () has been forbidden" when
i try to access as http://192.168.0.10:8080/admin/. the admin app is deployed on a solaris
machine with tomcat 5.5.9 communicationg with Apache HTTP Server and using mod_jk connector.
I copied admin.xml to /apps/opt/tomcat/jakarta-tomcat-5.5.9/conf/Catalina/localhost. Undommented
the tag and added allow 192.168.0.10 after 127.0.0.1. Copied the admin directory to /apps/opt/tomcat/jakarta-tomcat-5.5.9/server/webapps.
Also i have the admin role with permission in the tomcat-users.xml fil. The http://192.168.0.10:8080/manager/html/
works perfectly though. Also though i am not using mod_jk and apache http server on a Windows
machine the Tomcat Administartion web application works perfectly. I changed the permissions
to admin directory and also sub directories on the solaris machine with chmod 777. Still i
get the access forbidden error. 
>>>
>>> Any help as how to solve this is appreciated.
>> Probably the address filter. Try removing that temporarily to see if that fixes
>> it. If it does, copy the valve settings here and we'll take a look.
>>
>> Mark
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message