How to fix Tomcat HTTP Status 403: Access to the requested resource has been denied?

Asked 27/4, 2011 at 17:37 Answered 14/4, 2016 at 7:1

I am trying to setup Tomcat with my current source code. I downloaded the zip from tomcat site (6.0.32).

I then put in the config file for my project in tomcatDir\conf\Catalina\localhost

I then added the users to tomcat-users.xml

When I hit my application using localhost:8080/<context root>, I get the login prompt as I am supposed to. After providing the right credentials, the tomcat throws 403 error. I am able to access the manager with localhost:8080/manager/

tomcat-users.xml:

<role rolename="manager"/>
<role rolename="admin"/>
<user username="admin" password="5c50nD" roles="admin,manager"/>
<user username="nih\kishorev" password="altum" roles="admin,manager"/>

Torhert answered 27/4, 2011 at 17:37 Comment(1)

I am having the same problem...did you manage to solve it? I can access the status page but the manager app gives this error.. – Impolicy 17/9, 2011 at 11:48

You should choose manager roles which are defined by tomcat instead of admin or manager.

manager-gui - Allows access to the html interface
manager-script - Allows access to the plain text interface
manager-jmx - Allows access to the JMX proxy interface
manager-status - Allows access to the read-only status pages

link to Configuring Manager Application access in tomcat

Carbonate answered 6/7, 2012 at 8:18 Comment(0)

You need to change the form actions to Post, apparently there is a problem with the GET method on the 6.0.32 version of tomcat, it should be fixed in 6.0.33 version of tomcat.

link to tomcat bugzilla

Shirleenshirlene answered 7/10, 2011 at 16:0 Comment(0)

This one works for me

<role rolename="manager"/>
<user username="admin" password="admin" roles="manager"/>

Valorievalorization answered 12/9, 2014 at 11:37 Comment(0)

I had the same problem. I needed to do two things. In the web.xml you have to define BASIC or an other method leading to a form based login prompt and a role-name for example Admin:

    <security-constraint>   
    <web-resource-collection>   
        <web-resource-name>Protected Admin Area</web-resource-name>   
        <url-pattern>/Admin</url-pattern>   
    </web-resource-collection>
    <auth-constraint>
        <role-name>Admin</role-name>
    </auth-constraint>   
  </security-constraint>  
  <login-config>   
        <auth-method>BASIC</auth-method>
  </login-config>

In the tomcat-users.xml add a user with the role Admin, or if you use a graphic interface like eclipse do the following:

Galvanic answered 14/4, 2016 at 7:1 Comment(0)

Please check you web.xml In that put

admin instead of AllAuthenticatedUsers in <role-name>AllAuthenticatedUser</role-name>

Just try this and let me know whether it worked or not.

Emboss answered 5/7, 2012 at 8:56 Comment(0)

Recommended topics

Hot tags