Ubuntu – Tomcat Manager Application and HTTP 404 Error


I am trying to set up the admin application for a Tomcat 6.0.24 instance. None of the searches I've done turn up anything I can use. I am using this configuration for Apache 2.2.14:

Alias /manager /usr/share/tomcat6-admin/manager

<Directory "/usr/share/tomcat6-admin/manager">
        Options Indexes FollowSymLinks
        AllowOverride None
        allow from all

ProxyPass /manager ajp://localhost:8009/manager

In the tomcat-users.xml I have this:

  <role rolename="tomcat"/>
  <role rolename="admin"/>
  <role rolename="operator"/>
  <role rolename="manager"/>
  <user username="admin" password="nopasswordforyou" roles="admin,tomcat,manager"/>
  <user username="operator" password="nevermind" roles="operator"/>

I found the docs that suggested I needed manager-gui role installed and defined, but that appears to be Tomcat 7, not Tomcat 6.

The manager.xml is the default provided with Ubuntu Lucid Lynx 10.04:

<Context path="/manager" 
        antiResourceLocking="false" privileged="true" />

If I access /manager from a web browser, I get a 404 error from Tomcat: "requested resource not available." If I access /manager/images I get the same thing. If I access /manager/401.jsp I get the actual page.

In addition, the server.xml has not only the usual Realm (UserDatabaseRealm) but also one for MySQL authentication (JDBCRealm). Investigating this showed that the role of manager was not present there for the user admin; I fixed that by doing:


I restarted Tomcat, although I suspect that was overkill. No change. I don't see any errors in catalina.out or in localhost.* log files.

What am I missing? What is the interaction between the different realms? How do I get the manager application working?

Best Answer

I had the same situation wherein tomcat manager did not start. I found this exception in my logs/manager.DDD-MM-YY.log:

org.apache.catalina.core.StandardContext filterStart
SEVERE: Exception starting filter CSRF
java.lang.ClassNotFoundException: org.apache.catalina.filters.CsrfPreventionFilter
        at java.net.URLClassLoader$1.run(URLClassLoader.java:202)

This exception was raised because I had used a version of tomcat that didn't have the CSRF prevention filter.

Tomcat 6.0.24 doesn't have the CSRF prevention filter in it. The first version that has it is the 6.0.30 version (at least according to the changelog).

As a result, Tomcat Manager was incompatible with version of Tomcat that I used. I've found this description of this issue.

Steps to fix it:

  1. Check version of tomcat installed by running "sh version.sh" from your tomcat/bin directory
  2. Download corresponding version of tomcat
  3. Stop tomcat
  4. Remove your webapps/manager directory and copy manager application from distributive that you've downloaded.
  5. Start tomcat

Now you should be able to access tomcat manager.

Related Question