tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Konstantin Kolinko <knst.koli...@gmail.com>
Subject Re: can't connect to manager application
Date Fri, 18 Oct 2013 18:37:56 GMT
2013/10/18 Edoardo Panfili <edoardo@aspix.it>:
>
> I didn't touch the manager application (at least not voluntarily!).
>
>
>
>> That may also explain why the latest logfile did not show any problem.
>> It was probably copied before the first real call to the Manager happened.
>
>
>> Right now though, there is probably the same error message in the logs
>> as before, because Edoardo tried to call the Manager app, /after/ he
>> sent us the startup logfile.
>
> Are we talking of catalina.out? if so: no. the problem is that the exception
> log is not in catalina.out (or
> catalina-daemon.out in my system) but in manager.2013-10-18.log
>
> ott 18, 2013 6:44:14 PM org.apache.catalina.core.ApplicationContext log
>
> Informazioni: Marking servlet Manager as unavailable
> ott 18, 2013 6:44:14 PM org.apache.catalina.core.StandardWrapperValve invoke
>
> Grave: Allocate exception for servlet Manager
> java.lang.SecurityException: Restricted (ContainerServlet) class
> org.apache.catalina.manager.ManagerServlet
>         at
> org.apache.catalina.core.DefaultInstanceManager.checkAccess(DefaultInstanceManager.java:538)
>         at
> org.apache.catalina.core.DefaultInstanceManager.loadClassMaybePrivileged(DefaultInstanceManager.java:511)
>         at
> org.apache.catalina.core.DefaultInstanceManager.newInstance(DefaultInstanceManager.java:137)
>         at
> org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1144)
>         at
> org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:865)
>         at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:136)
>         at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
>         at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:611)
>         at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
>         at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
>         at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
>         at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
>         at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
>         at
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023)
>         at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
>         at
> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
>         at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>         at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>         at java.lang.Thread.run(Thread.java:724)
>
> (the same as before)
>

The code:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/tags/TOMCAT_7_0_40/java/org/apache/catalina/core/DefaultInstanceManager.java?view=markup#l538

To clarify: it is not related with Java SecurityManager.  It is an
explicit check in Tomcat code that prohibits usage of special servlets
(such as the Manager one) in web applications that are not marked as
"privileged".

It means that OP's manager web application does not have
privileged="true" in its context xml file.

The default context.xml of the manager webapp in Tomcat 7 is in
$CATALINA_HOME/webapps/manager/META-INF/context.xml.  It may be that
the file is missing, is not readable, or it is not effective (e.g. if
it is shadowed by another definition of the same context elsewhere.
There exist several ways on how a context can be configured). See [1].

As Martin Gainty noted, it seems that there is quite a number of
errors in how OP's web applications are deployed. All allowed
attributes are documented in [1].


[1] http://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Defining_a_context


Best regards,
Konstantin Kolinko

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message