tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: can't connect to manager application
Date Fri, 18 Oct 2013 16:38:58 GMT
Edoardo Panfili wrote:
> Il 18/10/13 18:17, Christopher Schultz ha scritto:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Edoardo,
>>
>> On 10/18/13 12:04 PM, Edoardo Panfili wrote:
>>> Il 18/10/13 16:40, André Warnier ha scritto:
>>>> Edoardo Panfili wrote:
>>>>> Il 18/10/13 08:43, Ognjen Blagojevic ha scritto:
>>>>>> On 18.10.2013 7:34, Edoardo Panfili wrote:
>>>>>>>> To rule out faulty upgrade, could you try to reproduce
>>>>>>>> the problem on clean Tomcat 7.0.42 install?
>>>>>>> the problem was surely present with 7.0.39, the 7.0.42 is a
>>>>>>> fresh installation for me.
>>>>>>
>>>>>> Could you please clarify: does the problem exists on 7.0.42,
>>>>>> 7.0.39 or both?
>>>>> both
>>>>>
>>>>>> Could you provide steps to reproduce the problem on fresh
>>>>>> 7.0.42 installation?
>>>>> - unpack tomcat - modify listen port - modify tomcat-users.xml
>>>>> - copy jmxremote.access and jmxremote.password (setting
>>>>> permissions) - build jsvc - copy configuration files for
>>>>> applications (in $tomcat/conf/Catalina/localhost)
>>>>>
>>>>> thank you for you question: also jmx remote access is not
>>>>> working (in both tomcat 7.0.39 and 7.0.42), maybe the two
>>>>> problems are related?
>>>>>
>>>>>
>>>>>> I tried to reproduce with the information you provided so
>>>>>> far, but I was unable. It works for me.
>>>>> Also on my local machine, where jmx is not configured.
>>>>>
>>>>>
>>>>
>>>> Usually, a good place to look first, are the Tomcat logfiles.
>>>> What do they say ?
>>>
>>> searching for "java.lang.SecurityException: Restricted
>>> (ContainerServlet) class
>>> org.apache.catalina.manager.ManagerServlet"
>>>
>>> seem that the solution is to add privileged="true" at
>>> $tomcat/conf/context.xml... and the "reoload" command now works.
>>
>> No no no no no no no no no do not do that: you will make every webapp
>> deployed on Tomcat privileged.
> ok, right, context.xml is back to the original.
> 
> 
>> Tomcat's manager should already be set to privileged="true". Are you
>> sure you didn't change anything else?
> setenv.sh but... removing it nothing changes from this point of view.
> 

Do you need to run with the Java Security Manager enabled ?

As far as I know, it only really helps when you allow the installation of apps of which 
you do not know if they are secure or not.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message