Reputation: 179
I am unsure as to why I am unable to login, here are the permissions:
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
you must define such a user - the username and password are arbitrary. It is
strongly recommended that you do NOT use one of the users in the commented out
section below since they are intended for use with the examples web
application.
-->
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<role rolename="manager-script"/>
<user username="lamidotijjo" password="s3cr3t" roles="manager-gui,manager-script,admin-gui"/>
<user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
<user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
<user username="role1" password="<must-be-changed>" roles="role1"/>
</tomcat-users>
I installed it from the tomcat official website for Ubuntu yesterday. I thought that all the permissions were correct. Thanks!
Upvotes: 4
Views: 12051
Reputation: 17391
All your permissions are correct, and the new user you added is fine. The problem is that you did not set valid passwords on these three pre-configured users in file tomcat-users.xml:
<user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
<user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
<user username="role1" password="<must-be-changed>" roles="role1"/>
Tomcat deliberately configures those users with invalid passwords, forcing you to change them to something valid. If you check the log after starting Tomcat with those settings you probably see several stack traces similar to this:
10-Jun-2018 00:04:35.343 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 902 ms
10-Jun-2018 00:04:35.386 SEVERE [main] org.apache.tomcat.util.digester.Digester.fatalError Parse Fatal Error at line 48 column 34: The value of attribute "password" associated with an element type "user" must not contain the '<' character.
org.xml.sax.SAXParseException; lineNumber: 48; columnNumber: 34; The value of attribute "password" associated with an element type "user" must not contain the '<' character.
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:203)
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:177)
The error message is very explicit:
The value of attribute "password" associated with an element type "user" must not contain the '<' character.
Just replace each instance of "<must-be-changed>"
with "password"
(or some password of your choice) and restart Tomcat to fix the problem.
Alternatively, you could just remove those three lines from the file (or comment them out) if you don't need those three users.
Upvotes: 3