14

Update: cleanup and directly indicate the problem and the solution.

PROBLEM:

Docker-tomcat was properly installed and running, except for the 403 Access error in the Manager App. It also seems that my docker tomcat cannot find my tomcat-users.xml configuration.

SOLUTION

Thanks to Farhad and Sanket for the answers.

[Files]:

Dockerfile

FROM tomcat:8.5.11
MAINTAINER Borgy Manotoy <[email protected]>

# Update Apt and then install Nano editor (RUN can be removed)
RUN apt-get update && apt-get install -y \
    nano \
&& mkdir -p /usr/local/tomcat/conf

# Copy configurations (Tomcat users, Manager app)
COPY tomcat-users.xml /usr/local/tomcat/conf/
COPY context.xml /usr/local/tomcat/webapps/manager/META-INF/

Tomcat Users Configuration (conf/tomcat-users.xml)

<tomcat-users xmlns="http://tomcat.apache.org/xml"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
              version="1.0">
    <role rolename="manager-gui"/>
    <role rolename="manager-script"/>
    <user username="admin" password="password" roles="manager-gui,manager-script" />
</tomcat-users>

Application Context (webapps/manager/META-INF/context.xml)

<?xml version="1.0" encoding="UTF-8"?>
<Context antiResourceLocking="false" privileged="true" >
  <!--
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
  -->
</Context>

[STEPS & COMMANDS]:

  1. Build Docker Image

    docker build -t borgymanotoy/my-tomcat-docker .

  2. Run Image (my-tomcat-docker and set port to 8088)

    docker run --name my-tomcat-docker-container -p 8088:8080 -it -d borgymanotoy/my-tomcat-docker

  3. Go to the container's bash (to check files inside the container thru bash)

    docker exec -it biyahe-tomcat-docker-container bash

Improve this question
0

3 Answers 3

Reset to default
17

First you need to expose your application in the container, so you can connect to it from dockerhost/network.

docker run -d -p 8000:8080 tomcat:8.5.11-jre8

You need to change 2 files in order to access the mangaer app from remote host. (Browser on Docker host is considered remote, only packets received on containers loopback are considered local for tomcat)

  1. /usr/local/tomcat/webapps/manager/META-INF/context.xml Note the commented section.

    <Context antiResourceLocking="false" privileged="true" >
<!--
     <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->

Please note the commented section.

  1. /usr/local/tomcat/conf/tomcat-users.xml as you stated in the question.

    <tomcat-users xmlns="http://tomcat.apache.org/xml"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
          version="1.0">
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<user username="admin" password="password" roles="manager-gui,manager-script" />

In order to make changes to files in the container, You can try building your own image, but I suggest using docker volumes or bind mounts.

Also make sure you restart the container so the changes take effect.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Work for me, but you must restart your docker container with tomcat server
2

Please specify the port when you do a docker run like (i believe mine/tomcat-version is your image name),

docker run -p 8000:8080 -it -d --name MyContainerName mine/tomcat-version

then access the manager page using,

http://<ipaddress>:8000/manager/html

To get the host ip address in docker to need to execute docker-machine ip

Addition info: You can also get into the container using below command,

docker exec -it MyContainerName bash if you want to check different things like tomcat logs, conf files, etc.

Improve this answer

2 Comments

I forgot to indicate that I already set the port to 8088 and assigned a name for the container. Thanks for the 'docker exec...' I needed this to work inside the container.
403 error it seems it did not see the changes in my tomcat-users.xml, although it is already applied. I need to alter context.xml as indicated in farhad's answer in #1 and it works now :) Thanks guys!
0

Although this is quite late, I wanted to leave my 2 cents.

I took this solution to the next level by building a sample continuous integration system that deploys wars to the docker tomcat just by running mvn clean install via project IDE whilst having the docker tomcat container running.

  • This solves the problem of having to restart tomcat-container every time a new build is available. Takes advantage of tomcat's auto-deploy
  • Uses shared volume so that you can deploy multiple wars into the shared volume and a script picks up your wars and deploys to tomcat webapps
  • Comes with a standard user 'admin' so as to access manager GUI.
  • Available on public docker repo: docker run -p 8080:8080 -d --name tom -v <YOUR_VOLUME>:/usr/local/stagingwebapps wintersoldier/tomcat_ci:1.0
  • Picks up any war files dropped to the shared volume and instantly deploys them to tomcat server with an option to deploy it via GUI as well
  • Here is a sample application with required maven changes & docker file to explore
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.