Return-Path: 
 <users-return-246318-apmail-tomcat-users-archive=tomcat.apache.org@tomcat.apache.org>
X-Original-To: apmail-tomcat-users-archive@www.apache.org
Delivered-To: apmail-tomcat-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id B1AE210549
	for <apmail-tomcat-users-archive@www.apache.org>;
 Fri,  7 Feb 2014 13:50:17 +0000 (UTC)
Received: (qmail 93222 invoked by uid 500); 7 Feb 2014 13:50:11 -0000
Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org
Received: (qmail 93113 invoked by uid 500); 7 Feb 2014 13:50:09 -0000
Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@tomcat.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@tomcat.apache.org>
List-Post: <mailto:users@tomcat.apache.org>
List-Id: <users.tomcat.apache.org>
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
Delivered-To: mailing list users@tomcat.apache.org
Received: (qmail 93080 invoked by uid 99); 7 Feb 2014 13:50:07 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 07 Feb 2014 13:50:07 +0000
X-ASF-Spam-Status: No, hits=1.5 required=5.0
	tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of gael.therond@gmail.com
 designates 209.85.216.177 as permitted sender)
Received: from [209.85.216.177] (HELO mail-qc0-f177.google.com)
 (209.85.216.177)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 07 Feb 2014 13:49:59 +0000
Received: by mail-qc0-f177.google.com with SMTP id i8so5776625qcq.8
        for <users@tomcat.apache.org>; Fri, 07 Feb 2014 05:49:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=/nYT9rEWHXUKLgphfSQaLKKFdEP3wX0FmIT47MthntM=;
        b=Xd5Urpg8HDGAWH7vFjsB7xUfH2pAVlNE1BFRpiMfaHARKmsr+uymZSBglm/fPyoC5o
         7EZvrZ/iFmUAMz+ACEuEiX0BtSNwYJRb1c7phjiC1VanAmE6SUbA/5qxjkTWETB/9IAm
         v8qBeJQkEkujw+N2EsI7AksTX6pqbyLi44v7wR451bPhkESTA+3SMBpvJzdkC4ak2b57
         pJzQh1+TpgmpObDvXApA/sz4a5fd2IH3vVTSZHKpsOjjVMpa07UEQzpQksI2qrjWvDnl
         9C+dw66fYcyEC3hQsYbPV6V/WxRVPJeg0WFx6AS+7+yzf53Z/cUmvVXMV+uUmsxZf8xf
         iTHQ==
MIME-Version: 1.0
X-Received: by 10.140.85.35 with SMTP id m32mr20785904qgd.40.1391780978826;
 Fri, 07 Feb 2014 05:49:38 -0800 (PST)
Received: by 10.140.20.37 with HTTP; Fri, 7 Feb 2014 05:49:38 -0800 (PST)
In-Reply-To: 
 <CABzHfVnc0BFE-GwT0FUrsWfSbMwTGaRbM50PnsWBHz7Ncqx2ig@mail.gmail.com>
References: 
 <CAG+53uaiq2tmrBjNa8HTmkZX7Hfq_j+Vwkyp6vHUCnotdXpZ8w@mail.gmail.com>
	<CABzHfVnc0BFE-GwT0FUrsWfSbMwTGaRbM50PnsWBHz7Ncqx2ig@mail.gmail.com>
Date: Fri, 7 Feb 2014 14:49:38 +0100
Message-ID: 
 <CAG+53ubRXWsahGjev1-mm1xCWOgXZevJJdSwBdgbs67zXT8hBA@mail.gmail.com>
Subject: Re: Tomcat 7 and manager issues on VirtualHost environnement
From: =?UTF-8?Q?Ga=C3=ABl_THEROND?= <gael.therond@gmail.com>
To: Tomcat Users List <users@tomcat.apache.org>
Content-Type: multipart/alternative; boundary=001a11c13ba0d9246404f1d1424c
X-Virus-Checked: Checked by ClamAV on apache.org

--001a11c13ba0d9246404f1d1424c
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Yep, I'm able to visit the application list, but not upload or start an
application.

I'll take a look at this CSRF Protection hint.

I'm using the default BASIC Auth provided by Tomcat to authenticate myself
on the manager.


2014-02-07 Konstantin Kolinko <knst.kolinko@gmail.com>:

> 2014-02-07 Ga=C3=ABl THEROND <gael.therond@gmail.com>:
> > Hello everyone,
> >
> > I'm facing a really strange issue since about two or three days now.
> >
> > I've got a Tomcat Server, which contain a virtualhost like this:
> >
> (....)
> >
> > If I start my tomcat instance, everything is fine, tomcat is launching
> > correctly without error, and correctly create the virtual host under th=
e
> > ${catalina_base}/conf/Catalina/
> >
> > I can see on the catalina.out log file that tomcat even create the
> > manager.xml to be able to have an isolated manager for this host.
> >
> > the manager.xml file is correct.
> >
> > However, if I try to upload a WAR I'm facing a 403 error coming from
> tomcat.
> > Where I didn't get it, it's that on my main manager everything is fine,=
 I
> > can log in and load a WAR correctly.
> >
>
> So, you are able to visit the "applications list" page in Manager, but
> upload of a WAR file results in 403?
>
> The page 403 in manager can be result of CSRF protection,
> For example, if your session has expired. The session is needed,
> because CsrfPreventionFilter stores protection token in the session.
>
> I wonder whether SingleSignOn affects this.
> What authentication schema are you using? The manager app uses BASIC by
> default.
>
> Best regards,
> Konstantin Kolinko
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

--001a11c13ba0d9246404f1d1424c--