# Ubuntu – Tomcat Manager Application and HTTP 404 Error

Apache2tomcat

I am trying to set up the admin application for a Tomcat 6.0.24 instance. None of the searches I've done turn up anything I can use. I am using this configuration for Apache 2.2.14:

Alias /manager /usr/share/tomcat6-admin/manager

AllowOverride None
allow from all
</Directory>

ProxyPass /manager ajp://localhost:8009/manager


In the tomcat-users.xml I have this:

<tomcat-users>
<role rolename="tomcat"/>
<role rolename="operator"/>
<role rolename="manager"/>
</tomcat-users>


I found the docs that suggested I needed manager-gui role installed and defined, but that appears to be Tomcat 7, not Tomcat 6.

The manager.xml is the default provided with Ubuntu Lucid Lynx 10.04:

<Context path="/manager"
antiResourceLocking="false" privileged="true" />


If I access /manager from a web browser, I get a 404 error from Tomcat: "requested resource not available." If I access /manager/images I get the same thing. If I access /manager/401.jsp I get the actual page.

In addition, the server.xml has not only the usual Realm (UserDatabaseRealm) but also one for MySQL authentication (JDBCRealm). Investigating this showed that the role of manager was not present there for the user admin; I fixed that by doing:

INSERT USER_ROLE_DB SET USER_NAME='admin', ROLE_NAME='manager';


I restarted Tomcat, although I suspect that was overkill. No change. I don't see any errors in catalina.out or in localhost.* log files.

What am I missing? What is the interaction between the different realms? How do I get the manager application working?

I had the same situation wherein tomcat manager did not start. I found this exception in my logs/manager.DDD-MM-YY.log:

org.apache.catalina.core.StandardContext filterStart
SEVERE: Exception starting filter CSRF
java.lang.ClassNotFoundException: org.apache.catalina.filters.CsrfPreventionFilter
...


This exception was raised because I had used a version of tomcat that didn't have the CSRF prevention filter.

Tomcat 6.0.24 doesn't have the CSRF prevention filter in it. The first version that has it is the 6.0.30 version (at least according to the changelog).

As a result, Tomcat Manager was incompatible with version of Tomcat that I used. I've found this description of this issue.

Steps to fix it:

1. Check version of tomcat installed by running "sh version.sh" from your tomcat/bin directory