https://issues.apache.org/bugzilla/show_bug.cgi?id=48580
Summary: 6.0.24: AccessControlException in
ProtectedFunctionMapper on first access to certain JSP
Product: Tomcat 6
Version: 6.0.20
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
AssignedTo: [email protected]
ReportedBy: [email protected]
Steps to reproduce:
1. Download and install 6.0.24 release candidate
2. Run catalina start -security
3. Access
http://localhost:8080/examples/jsp/jsp2/el/implicit-objects.jsp?foo=bar
4. Observe error page, with a stacktrace
java.security.AccessControlException: access denied
(java.lang.RuntimePermission accessClassInPackage.org.apache.jasper.security)
java.security.AccessControlContext.checkPermission(Unknown Source)
java.security.AccessController.checkPermission(Unknown Source)
java.lang.SecurityManager.checkPermission(Unknown Source)
java.lang.SecurityManager.checkPackageAccess(Unknown Source)
sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
java.lang.ClassLoader.loadClass(Unknown Source)
java.lang.ClassLoader.loadClass(Unknown Source)
java.lang.ClassLoader.loadClassInternal(Unknown Source)
org.apache.jasper.runtime.ProtectedFunctionMapper.getMapForFunction(ProtectedFunctionMapper.java:145)
org.apache.jsp.jsp.jsp2.el.implicit_002dobjects_jsp.<clinit>(implicit_002dobjects_jsp.java:13)
...
This issues does not occur if the following JSP page is accessed before the one
where it is observed:
http://localhost:8080/examples/jsp/jsp2/el/basic-arithmetic.jsp
OS: Windows XP, 32-bit, JRE version:
java version "1.6.0_17"
Java(TM) SE Runtime Environment (build 1.6.0_17-b04)
Java HotSpot(TM) Client VM (build 14.3-b01, mixed mode, sharing)
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
