Question
I have read a lot of topics in stackoverflow for solve my problem, but none was useful.
When I tried to log in Manager App ([http://localhost:8080/manager/html][1]) using a lot of different configurations, but I always obtained 401 Unauthorized after attempted to log in using the rights credentials. I restarted the tomcat server a couple of times.
This is my last configuration in conf/tomcat-users.xml
https://stackoverflow.com/questions/16671858
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian <?xml version="1.0" encoding="UTF-8"?>
<tomcat-users>
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="manager-status"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<user username="admin" password="admin" roles="manager-gui, manager-script, manager-jmx, manager-status, admin-gui, admin-script"/>
</tomcat-users>
This is the part related to tomcat-users in server.xml
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
This is my configuration: Apache Tomcat: Version 7.0.40 64 bit Tested on Chrome 26
If there is something else useful that I forgot, let me know. Thanks in advance
Solution
From tailing [tomcat-root]/logs/catalina.out, I observed that you are using a locked username "admin"
06-May-2014 16:47:41.828 WARNING [http-nio-192.168.0.51-8080-exec-6] org.apache.catalina.realm.LockOutRealm.authenticate An attempt was made to authenticate the locked user "admin"
You should try with a better(non guessable) username.
<role rolename="manager-gui"/>
<user username="TomcatAdmin" password="secpa55wd" roles="manager-gui"/>
This should definitely work for you.
OTHER TIPS
Configuration looks fine for me . can you please try with below tomacat-users.xml.
<tomcat-users>
<user name="admin" password="admin" roles="admin-gui,manager-gui" />
</tomcat-users>
Please restart the server after change.
Solutions above probably solved your problem.The locked user solution tipped me off on my issue.
Something weird I noticed... Don't know how it happened.
After installing a new tomcat7 I ended up with a "tomcat-users.xml" file owned by user root and group root.
I found out because catalina.out contains a few lines like "javax.naming.NamingException: /var/lib/tomcat7/conf/tomcat-users.xml (Permission denied)"
After changing file ownership to user "root" & group "tomcat7" fixed my login issue.
If you try any of the other Answers and then there is no difference, you may need to clean your Tomcat and then try again. These are my clean commands (not sure how general they are):
rm -R $TOMCAT_HOME/work/Catalina/<host>/*
rm -rf $TOMCAT_HOME/webapps/<app name>
Also verify that the tomcat-users.xml you are editing actually corresponds with the instance of Tomcat you are running. If you have multiple installations, but only one running, make sure you are editing the file at the correct location.
When you run startup.bat (or startup.sh), the script will output the CATALINA_* environmental variables. If the paths do match the current working directory you are running from, it is a good bet that you have been editing the wrong tomcat-users.xml file.
Check syntax and start-ending tag. i did stupid mistake when i started work on java. This line was working for me.
<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users>
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="manager-status"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<role rolename="manager-gui"/>
<user username="admin" password="admin" roles="manager-gui"/>
</tomcat-users>
In my case the password had special characters, that needed to be XML encoded before being added to the /opt/tomcat/conf/tomcat-users.xml file.
The tool that I used for the encoding was https://coderstoolbox.net/string/#!encoding=xml&action=encode&charset=us_ascii
If you are using XAMPP follow the below steps
Go to XAMPP and Click on Config infront of Tomcat
Then select tomcat-users.xml in the popup
And when it opens on an editor paste the following inside tomcat-users tags with your preferred password. Which will be as follows
<tomcat-users>
<role rolename="manager-gui"/>
<user username="tomcat" password="password" roles="manager-gui"/>
</tomcat-users>
Then restart the tomcat server from XAMPP.
And open the tomcat using the browser and you can give the user name and password as you given in the config file above, In my case, username = tomcat and password = password
Don't change anything. just replace below configurations to /etc/tomcat9/tomcat-users.xml
<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<role rolename="tomcat"/>
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="admin" password="admin" roles="admin-gui,manager-gui,tomcat" /
</tomcat-users>
Then restart tomcat server by using sudo systemctl restart tomcat9
use this url to log manage-app admin http://127.0.0.1:8080/manager/html
**
<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<role rolename="tomcat"/>
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="manager-status"/>
<user username="tomcatuser" password="tomcatpassword" roles="admin-gui,manager-gui,tomcat,manager-script,manager-jmx,manager-status"/>
</tomcat-users>
<!-- -->
**
tomacat 7+ version need to set manager rolse as manager-script,manager-jmx, manager-status
Then restart tomcat sudo systemctl restart tomcat8
1.Goto C:\Program Files\Apache Tomcat 7\conf\tomcat-users.xml open it with notepad 2.and add following tag inside tag
<role rolename="manager-gui"/>
<user username="tomcat" password="tomcat" roles="manager-gui"/>
3.on browser enter : http://localhost:9090/manager/html enter username:tomcat password:tomcat
