401 Unauthorized error while logging in Manager-App of Tomcat

Question

I am trying to log in to the Manager App in Tomcat 7.0.22 for Mac OS X 10.7. Here is the error I am getting: http://f.cl.ly/items/421q1K3f1i0X1H1M181v/so.tiff

Answer 1

Just to add some information on @David's answer:

If you are like me and SFTP to the host with any user under a group other than tomcat (for e.g. root) and edit tomcat_users.xml with some generic editor like gedit or VS Code, the group of the file will be changed to the user you used (probably because a new file was created). Like below:

drwxr-x--- 2 root tomcat   4096 Jun 21 11:41 ./
drwxr-xr-x 9 root tomcat   4096 May 24 14:12 ../
-rw-r----- 1 root tomcat  13531 Apr 28 03:34 catalina.policy
-rw-r----- 1 root tomcat   7202 Apr 28 03:34 catalina.properties
-rw-r----- 1 root tomcat   1400 Apr 28 03:34 context.xml
-rw-r----- 1 root tomcat   1149 Apr 28 03:34 jaspic-providers.xml
-rw-r----- 1 root tomcat   2313 Apr 28 03:34 jaspic-providers.xsd
-rw-r----- 1 root tomcat   3850 Apr 28 03:34 logging.properties
-rw-r----- 1 root tomcat   7511 Apr 28 03:34 server.xml
-rw-r----- 1 root root     2342 Jun 21 11:41 tomcat-users.xml
-rw-r----- 1 root tomcat   2633 Apr 28 03:34 tomcat-users.xsd
-rw-r----- 1 root tomcat 170202 Apr 28 03:34 web.xml

Maybe my initial setup of tomcat was a bit casual... But with the above behavior, tomcat will loose access to the edited file. The result would be 401 Unauthorized.

There are a number of options to get around the problem. I'm not sure if any of them is the best practice though.

• Changing permission after the edit (yes sure...).
• nano and WinSCP do not seem to suffer from the issue.
• SETGID: chmod g+s /conf_folder (not tested).
• Follow this answer
• Maybe an editor that is permission-aware?