tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Edoardo Panfili <edoa...@aspix.it>
Subject Re: can't connect to manager application
Date Fri, 18 Oct 2013 16:45:18 GMT
Il 18/10/13 18:38, André Warnier ha scritto:
> Edoardo Panfili wrote:
>> Il 18/10/13 18:17, Christopher Schultz ha scritto:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA256
>>>
>>> Edoardo,
>>>
>>> On 10/18/13 12:04 PM, Edoardo Panfili wrote:
>>>> Il 18/10/13 16:40, André Warnier ha scritto:
>>>>> Edoardo Panfili wrote:
>>>>>> Il 18/10/13 08:43, Ognjen Blagojevic ha scritto:
>>>>>>> On 18.10.2013 7:34, Edoardo Panfili wrote:
>>>>>>>>> To rule out faulty upgrade, could you try to reproduce
>>>>>>>>> the problem on clean Tomcat 7.0.42 install?
>>>>>>>> the problem was surely present with 7.0.39, the 7.0.42 is
a
>>>>>>>> fresh installation for me.
>>>>>>>
>>>>>>> Could you please clarify: does the problem exists on 7.0.42,
>>>>>>> 7.0.39 or both?
>>>>>> both
>>>>>>
>>>>>>> Could you provide steps to reproduce the problem on fresh
>>>>>>> 7.0.42 installation?
>>>>>> - unpack tomcat - modify listen port - modify tomcat-users.xml
>>>>>> - copy jmxremote.access and jmxremote.password (setting
>>>>>> permissions) - build jsvc - copy configuration files for
>>>>>> applications (in $tomcat/conf/Catalina/localhost)
>>>>>>
>>>>>> thank you for you question: also jmx remote access is not
>>>>>> working (in both tomcat 7.0.39 and 7.0.42), maybe the two
>>>>>> problems are related?
>>>>>>
>>>>>>
>>>>>>> I tried to reproduce with the information you provided so
>>>>>>> far, but I was unable. It works for me.
>>>>>> Also on my local machine, where jmx is not configured.
>>>>>>
>>>>>>
>>>>>
>>>>> Usually, a good place to look first, are the Tomcat logfiles.
>>>>> What do they say ?
>>>>
>>>> searching for "java.lang.SecurityException: Restricted
>>>> (ContainerServlet) class
>>>> org.apache.catalina.manager.ManagerServlet"
>>>>
>>>> seem that the solution is to add privileged="true" at
>>>> $tomcat/conf/context.xml... and the "reoload" command now works.
>>>
>>> No no no no no no no no no do not do that: you will make every webapp
>>> deployed on Tomcat privileged.
>> ok, right, context.xml is back to the original.
>>
>>
>>> Tomcat's manager should already be set to privileged="true". Are you
>>> sure you didn't change anything else?
>> setenv.sh but... removing it nothing changes from this point of view.
>>
>
> Do you need to run with the Java Security Manager enabled ?
no, there are only trusted applications.


> As far as I know, it only really helps when you allow the installation
> of apps of which you do not know if they are secure or not.
but the only thing that I changed (for java security management) is 
setenv.sh and removing it nothing changes. Am I missing something?

I will try a step by step install on another machine (can't do this on 
production server)

Edoardo

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message