Edit C:\galaxie\deploy\Tomcat6\work\Catalina\localhost\manager\org\apache\jsp\WEB_002dINF\jsp\_403_jsp.class
Êþº¾ 1( 'org/apache/jsp/WEB_002dINF/jsp/_403_jsp %org/apache/jasper/runtime/HttpJspBase ,org/apache/jasper/runtime/JspSourceDependent _jspxFactory Ljavax/servlet/jsp/JspFactory; _jspx_dependants Ljava/util/List; _el_expressionfactory Ljavax/el/ExpressionFactory; _jsp_annotationprocessor Lorg/apache/AnnotationProcessor; <clinit> ()V Code javax/servlet/jsp/JspFactory getDefaultFactory ()Ljavax/servlet/jsp/JspFactory; LineNumberTable LocalVariableTable <init> this )Lorg/apache/jsp/WEB_002dINF/jsp/_403_jsp; getDependants ()Ljava/lang/Object; $ _jspInit ' ( ) getServletConfig ()Ljavax/servlet/ServletConfig; + - , javax/servlet/ServletConfig . / getServletContext ()Ljavax/servlet/ServletContext; 1 2 3 getJspApplicationContext I(Ljavax/servlet/ServletContext;)Ljavax/servlet/jsp/JspApplicationContext; 5 7 6 'javax/servlet/jsp/JspApplicationContext 8 9 getExpressionFactory ()Ljavax/el/ExpressionFactory; ; = org/apache/AnnotationProcessor ? A @ java/lang/Class B C getName ()Ljava/lang/String; E G F javax/servlet/ServletContext H I getAttribute &(Ljava/lang/String;)Ljava/lang/Object; K _jspDestroy _jspService R(Ljavax/servlet/http/HttpServletRequest;Ljavax/servlet/http/HttpServletResponse;)V Exceptions Q java/io/IOException S javax/servlet/ServletException U text/html W Y X &javax/servlet/http/HttpServletResponse Z [ setContentType (Ljava/lang/String;)V ] ^ _ getPageContext ?(Ljavax/servlet/Servlet;Ljavax/servlet/ServletRequest;Ljavax/servlet/ServletResponse;Ljava/lang/String;ZIZ)Ljavax/servlet/jsp/PageContext; a - b javax/servlet/jsp/PageContext a ' a e f g getSession "()Ljavax/servlet/http/HttpSession; a i j k getOut ()Ljavax/servlet/jsp/JspWriter; m o q p javax/servlet/jsp/JspWriter r [ write t \<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> v <html> x <head> z $ <title>403 Access Denied</title> | <style type="text/css"> ~ <!-- ? c BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;font-size:12px;} ? c H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} ? * PRE, TT {border: 1px dotted #525D76} ? / A {color : black;}A.name {color : black;} ? --> ? </style> ? </head> ? <body> ? <h1>403 Access Denied</h1> ? <p> ? / You are not authorized to view this page. ? </p> ? P If you have already configured the Manager application to allow access and ? Q you have used your browser's back button, used a saved book-mark or similar ? R then you may have triggered the cross-site request forgery (CSRF) protection ? R that has been enabled for the HTML interface of the Manager application. You = will need to reset this protection by returning to the ¢ <a href=" ¤ ¦ ¥ %javax/servlet/http/HttpServletRequest § C getContextPath o © ª [ print ¬ (/html">main Manager page</a>. Once you ® I return to this page, you will be able to continue using the Manager ° N appliction's HTML interface normally. If you continue to see this access ² R denied message, check that you have the necessary permissions to access this ´ application. ¶ If you have not changed ¸ 6 any configuration files, please examine the file º ? <tt>conf/tomcat-users.xml</tt> in your installation. That ¼ C file must contain the credentials to let you use this webapp. ¾ G For example, to add the <tt>manager-gui</tt> role to a user named À R <tt>tomcat</tt> with a password of <tt>s3cret</tt>, add the following to the  config file listed above. Ä <pre> Æ &<role rolename="manager-gui"/> È G<user username="tomcat" password="s3cret" roles="manager-gui"/> Ê </pre> Ì P Note that for Tomcat 6.0.30 onwards, the roles required to use the manager Î O application were changed from the single <tt>manager</tt> role to add the Ð R following four roles. (The manager role is still available but should not be Ò Q used as it avoids the CSRF protection). You will need to assign the role(s) Ô 8 required for the functionality you wish to access. Ö <ul> Ø O <li><tt>manager-gui</tt> - allows access to the HTML GUI and the status Ú pages</li> Ü Q <li><tt>manager-script</tt> - allows access to the text interface and the Þ status pages</li> à P <li><tt>manager-jmx</tt> - allows access to the JMX proxy and the status â Q <li><tt>manager-status</tt> - allows access to the status pages only</li> ä </ul> æ R The HTML interface is protected against CSRF but the text and JMX interfaces è / are not. To maintain the CSRF protection: ê <ul> ì O <li>users with the <tt>manager-gui</tt> role should not be granted either î I the <tt>manager-script</tt> or <tt>manager-jmx</tt> roles.</li> ð P <li>if the text or jmx interfaces are accessed through a browser (e.g. for ò Q testing since these interfaces are intended for tools not humans) then ô O the browser must be closed afterwards to terminate the session.</li> ö </ul> ø + For more information - please see the ú @ <a href="/docs/manager-howto.html">Manager App HOW-TO</a>. ü </body> þ </html> #javax/servlet/jsp/SkipPageException o getBufferSize ()I o clearBuffer a handlePageException (Ljava/lang/Throwable;)V java/lang/Throwable C getMessage log *(Ljava/lang/String;Ljava/lang/Throwable;)V releasePageContext "(Ljavax/servlet/jsp/PageContext;)V request 'Ljavax/servlet/http/HttpServletRequest; response (Ljavax/servlet/http/HttpServletResponse; pageContext Ljavax/servlet/jsp/PageContext; out Ljavax/servlet/jsp/JspWriter; _jspx_out _jspx_page_context t Ljava/lang/Throwable; SourceFile _403_jsp.java SourceDebugExtension 1 + ¸ ³ ± / *· ± ! "