How to access Tomcat 8 admin gui from different host?

August 15, 2016 59.3k views
Apache Applications Ubuntu 16.04
adminbbd0b80780
By:
adminbbd0b80780

I followed this excellent article about putting Apache in front of Tomcat, acting as a reverse proxy:

https://www.digitalocean.com/community/tutorials/how-to-encrypt-tomcat-8-connections-with-apache-or-nginx-on-ubuntu-16-04

How can you access the admin gui from a remote machine, though? Since we closed port 8080 as part of the setup, I can't get to tomcat anymore. For example, going to:

/manager/html

gives me a 403 page:

"By default the Host Manager is only accessible from a browser running on the same machine as Tomcat. If you wish to modify this restriction, you'll need to edit the Host Manager's context.xml file."

I do have a user set up in there as directed (from the setting up tomcat 8 tutorial), but this doesn't change anything. Restarted tomcat, still nothing.

How do you access the gui? Or is there a different way to deploy my web app war files?

Thanks

Log In to Comment
1 Answer
asb MOD December 12, 2016

As covered in How To Install Apache Tomcat 8 on Ubuntu 16.04

By default, newer versions of Tomcat restrict access to the Manager and Host Manager apps to connections coming from the server itself. Since we are installing on a remote machine, you will probably want to remove or alter this restriction. To change the IP address restrictions on these, open the appropriate context.xml files.

If you followed that installation tutorial, those file can be found at:

  • /opt/tomcat/webapps/manager/META-INF/context.xml

  • sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml

To allow remote access, edit the files and comment out the part of the configuration file specifying the IP address restriction or replace them with a list of IP addresses that you would like to whitelist.

context.xml files for Tomcat webapps
<Context antiResourceLocking="false" privileged="true" >
  <!--<Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />-->
</Context>

Restart Tomcat for the changes to take effect:

  • sudo systemctl restart tomcat

Remember, since Apache mod_jk makes a local connection to Tomcat on port 8080 and proxies it to port 443 over HTTPS (or port 80 if you are not setting up SSL), you will access it at https://your_ip_address/manager/html

How To Install Apache Tomcat 8 on Ubuntu 16.04
by Justin Ellingwood
Apache Tomcat is a web server and servlet container that is used to serve Java applications. Tomcat is an open source implementation of the Java Servlet and JavaServer Pages technologies, released by the Apache Software Foundation. This tutorial covers the basic installation...
Reply
Have another answer? Share your knowledge.

Related Questions