Your roles are contradictory. Status forbids access to the gui, jmx and
script are for non-browser access. Try only giving manager-gui.
Review roles and information about the manager app here.
I suggest you read the entire document… And be careful that you are not
exposing the manager interface to the world at large. (See the section on
See also the WEB-INF/web.xml in the manager app, there are NOTEs throughout
“Use the manager-script role to take advantage of the new
CSRF protection. Using the manager role or assigning
the manager-script and manager-gui roles to the same
will bypass the CSRF protection.”
“Use just the manager-gui role to take advantage of the new
CSRF protection. Assigning the manager role or
role along with either the manager-script or
roles to the same user will bypass the CSRF
In practice, I use separate credentials:
- for management via the GUI
- to access to the status page for monitoring via Nagios and Cacti
- to access the other interfaces to affect changes
All interfaces are unmapped through the front-end web server and only
available via local networks.
-GOn Tue, Aug 23, 2016 at 8:46 AM, Ivan <@Ivan> wrote:
Now the page* (http://ip:8888/manager/html/
http://ip:8888/manager/html/)* asks me the login access data.
I have configured the configuration file /opt/lucee/tomcat/conf/tomcat-
<?xml version='1.0' encoding='utf-8'?>
users.xml so (and restarted tomcat):
But strangely not accept me my login data …
You have an idea for this problem?
Get 10% off of the regular price for this years CFCamp in Munich, Germany
(Oct. 20th & 21st) with the Lucee discount code Lucee@cfcamp. 189€
instead of 210€. Visit https://ti.to/cfcamp/cfcamp-
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an
email to firstname.lastname@example.org.
To post to this group, send email to email@example.com.
To view this discussion on the web visit https://groups.google.com/d/
For more options, visit https://groups.google.com/d/optout.