以下是 context.xml 和 tomcat-users.xml 文件:
<Context antiResourceLocking="false" privileged="true" docBase="${catalina.home}/webapps/manager">
<CookieProcessor className="org.apache.tomcat.util.http.Rfc6265CookieProcessor"
sameSiteCookies="strict" />
<!--Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /-->
<Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilter\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/>
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="0.0.0.0/0" />
</Context>
Tomcat-users.xml:
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<!--
By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
you must define such a user - the username and password are arbitrary.
Built-in Tomcat manager roles:
- manager-gui - allows access to the HTML GUI and the status pages
- manager-script - allows access to the HTTP API and the status pages
- manager-jmx - allows access to the JMX proxy and the status pages
- manager-status - allows access to the status pages only
The users below are wrapped in a comment and are therefore ignored. If you
wish to configure one or more of these users for use with the manager web
application, do not forget to remove the <!.. ..> that surrounds them. You
will also need to set the passwords to something appropriate.
-->
<user username="admin" password="admin" roles="manager-gui"/>
<user username="robot" password="robot" roles="manager-script"/>
<!--
The sample user and role entries below are intended for use with the
examples web application. They are wrapped in a comment and thus are ignored
when reading this file. If you wish to configure these users for use with the
examples web application, do not forget to remove the <!.. ..> that surrounds
them. You will also need to set the passwords to something appropriate.
-->
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-status"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<user username="admin" password="admin" roles="manager-gui,manager-script,manager-status,admin-gui,admin-script" />
</tomcat-users>
为端口 8080 的任何入站 IP 配置安全组。
点击此 URL 并实时查看问题:http://50.18.239.87:8080/manager/html
这可能是什么原因造成的?
默认情况下,Tomcat 管理器应用程序仅限于从本地主机(运行 Tomcat 的同一台计算机)访问。如果您需要从不同的机器访问它,您需要修改 Manager 的 context.xml 文件。
搜索与 Tomcat Manager 应用程序相关的元素。它应该看起来像这样:
<Context antiResourceLocking="false" privileged="true" docBase="${catalina.home}/webapps/manager">
<!-- Other configurations may be present here -->
</Context>
要允许来自不同机器的访问,您需要在允许来自特定 IP 地址或 IP 范围的请求的元素内添加 Valve 元素。将现有元素替换为以下内容:
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="your_ip_address_or_range" />
将 your_ip_address_or_range 替换为您想要允许访问的 IP 地址或范围。例如,要允许任何IP地址访问,可以使用allow="0.0.0.0/0"。如果您想限制对特定 IP 地址的访问,请相应地指定这些 IP 地址或范围。