java - Tomcat 9 无法登录 manager/html

Question

我不确定为什么我无法登录，这里是权限:

<tomcat-users xmlns="http://tomcat.apache.org/xml"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
              version="1.0">
<!--
  NOTE:  By default, no user is included in the "manager-gui" role required
  to operate the "/manager/html" web application.  If you wish to use this app,
  you must define such a user - the username and password are arbitrary. It is
  strongly recommended that you do NOT use one of the users in the commented out
  section below since they are intended for use with the examples web
  application.
-->
  <role rolename="tomcat"/>
  <role rolename="role1"/>
  <role rolename="manager-gui"/>
  <role rolename="admin-gui"/>
  <role rolename="manager-script"/>
  <user username="lamidotijjo" password="s3cr3t" roles="manager-gui,manager-script,admin-gui"/>
  <user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
  <user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
  <user username="role1" password="<must-be-changed>" roles="role1"/>

</tomcat-users>

我昨天从Ubuntu的tomcat官网安装的。我认为所有权限都是正确的。谢谢!

Answer 1

您所有的权限都是正确的，您添加的新用户也没有问题。问题是您没有为文件 tomcat-users.xml 中的这三个预配置用户设置有效密码:

  <user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
  <user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
  <user username="role1" password="<must-be-changed>" roles="role1"/>

Tomcat 故意为这些用户配置无效密码，迫使您将它们更改为有效密码。如果您在使用这些设置启动 Tomcat 后检查日志，您可能会看到一些与此类似的堆栈跟踪:

10-Jun-2018 00:04:35.343 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 902 ms
10-Jun-2018 00:04:35.386 SEVERE [main] org.apache.tomcat.util.digester.Digester.fatalError Parse Fatal Error at line 48 column 34: The value of attribute "password" associated with an element type "user" must not contain the '<' character.
 org.xml.sax.SAXParseException; lineNumber: 48; columnNumber: 34; The value of attribute "password" associated with an element type "user" must not contain the '<' character.
        at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:203)
        at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:177)

错误信息非常明确:

The value of attribute "password" associated with an element type "user" must not contain the '<' character.

只需替换 "<must-be-changed>" 的每个实例与 "password" (或您选择的一些密码)并重新启动 Tomcat 以解决问题。

或者，如果您不需要这三个用户，您可以只从文件中删除这三行(或将它们注释掉)。