I have an error when trying to access to Tomcat management console (Apache Tomcat/8.0.50).
WARNING [http-apr-8080-exec-7]
org.apache.catalina.realm.LockOutRealm.filterLockedAccounts An attempt
was made to authenticate the locked user "admin"
I changed configuration file "tomcat-users.xml" and restarted tomcat
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<user username="admin" password="!w@B@#7XTFj" roles="manager-gui,admin-gui" />
Information about "realm" in server.xml
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
and about "Resources"
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
<Resource name="jdbc/ERS"
auth="Container"
type="javax.sql.DataSource"
driverClassName="oracle.jdbc.OracleDriver"
url="jdbc:oracle:thin:@servername:port:BDD_name"
username="SAU_BIS"
password="V0t0,z91!"
maxActive="100000"
maxIdle="100000" />
</GlobalNamingResources>
I added loglvel : org.apache.catalina.realm.level = FINE and I have this information:
13-Mar-2020 08:19:08.515 FINE [http-apr-8080-exec-4] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[JMX Proxy interface]' against GET /status --> false
13-Mar-2020 08:19:08.515 FINE [http-apr-8080-exec-4] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[Status interface]' against GET /status --> true
13-Mar-2020 08:19:08.515 FINE [http-apr-8080-exec-4] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[HTML Manager interface (for humans)]' against GET /status --> false
13-Mar-2020 08:19:08.515 FINE [http-apr-8080-exec-4] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[Text Manager interface (for scripts)]' against GET /status --> false
13-Mar-2020 08:19:08.515 FINE [http-apr-8080-exec-4] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[JMX Proxy interface]' against GET /status --> false
13-Mar-2020 08:19:08.515 FINE [http-apr-8080-exec-4] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[Status interface]' against GET /status --> true
13-Mar-2020 08:19:08.515 FINE [http-apr-8080-exec-4] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[HTML Manager interface (for humans)]' against GET /status --> false
13-Mar-2020 08:19:08.515 FINE [http-apr-8080-exec-4] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[Text Manager interface (for scripts)]' against GET /status --> false
13-Mar-2020 08:19:08.515 FINE [http-apr-8080-exec-4] org.apache.catalina.realm.RealmBase.hasUserDataPermission User data constraint has no restrictions
13-Mar-2020 08:19:24.345 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[JMX Proxy interface]' against GET /status --> false
13-Mar-2020 08:19:24.345 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[Status interface]' against GET /status --> true
13-Mar-2020 08:19:24.345 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[HTML Manager interface (for humans)]' against GET /status --> false
13-Mar-2020 08:19:24.345 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[Text Manager interface (for scripts)]' against GET /status --> false
13-Mar-2020 08:19:24.345 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[JMX Proxy interface]' against GET /status --> false
13-Mar-2020 08:19:24.345 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[Status interface]' against GET /status --> true
13-Mar-2020 08:19:24.345 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[HTML Manager interface (for humans)]' against GET /status --> false
13-Mar-2020 08:19:24.345 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.RealmBase.findSecurityConstraints Checking constraint 'SecurityConstraint[Text Manager interface (for scripts)]' against GET /status --> false
13-Mar-2020 08:19:24.345 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.RealmBase.hasUserDataPermission User data constraint has no restrictions
13-Mar-2020 08:19:24.361 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.CombinedRealm.authenticate Attempting to authenticate user "admin" with realm "org.apache.catalina.realm.UserDatabaseRealm"
13-Mar-2020 08:19:24.361 FINE [http-apr-8080-exec-5] org.apache.catalina.realm.CombinedRealm.authenticate Failed to authenticate user "admin" with realm "org.apache.catalina.realm.UserDatabaseRealm"
But it's still impossible to access on console.
Any ideas ?
Best Answer
It says username 'admin' was locked, change the username to anything else and restart the tomcat server.