tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gaël THEROND <gael.ther...@gmail.com>
Subject Re: Tomcat 7 and manager issues on VirtualHost environnement
Date Fri, 07 Feb 2014 13:49:38 GMT
Yep, I'm able to visit the application list, but not upload or start an
application.

I'll take a look at this CSRF Protection hint.

I'm using the default BASIC Auth provided by Tomcat to authenticate myself
on the manager.


2014-02-07 Konstantin Kolinko <knst.kolinko@gmail.com>:

> 2014-02-07 Gaël THEROND <gael.therond@gmail.com>:
> > Hello everyone,
> >
> > I'm facing a really strange issue since about two or three days now.
> >
> > I've got a Tomcat Server, which contain a virtualhost like this:
> >
> (....)
> >
> > If I start my tomcat instance, everything is fine, tomcat is launching
> > correctly without error, and correctly create the virtual host under the
> > ${catalina_base}/conf/Catalina/
> >
> > I can see on the catalina.out log file that tomcat even create the
> > manager.xml to be able to have an isolated manager for this host.
> >
> > the manager.xml file is correct.
> >
> > However, if I try to upload a WAR I'm facing a 403 error coming from
> tomcat.
> > Where I didn't get it, it's that on my main manager everything is fine, I
> > can log in and load a WAR correctly.
> >
>
> So, you are able to visit the "applications list" page in Manager, but
> upload of a WAR file results in 403?
>
> The page 403 in manager can be result of CSRF protection,
> For example, if your session has expired. The session is needed,
> because CsrfPreventionFilter stores protection token in the session.
>
> I wonder whether SingleSignOn affects this.
> What authentication schema are you using? The manager app uses BASIC by
> default.
>
> Best regards,
> Konstantin Kolinko
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message