See the javadoc for Executors.privilegedThreadFactory(). It is documented as checking for that permission and throwing an AccessControlException. Since it is called in the constructor of DefaultShutdownCallbackRegistry it definitely has the potential for throwing an exception, which then causes log4j initialization to fail. That just isn’t acceptable.
Ralph On Oct 14, 2014, at 9:45 PM, Matt Sicker <[email protected]> wrote: > We never use setContextClassLoader though. I'm not sure why that security > exception appears. I don't think there's any harm in fixing that. > > On 14 October 2014 22:59, Ralph Goers <[email protected]> wrote: > Well darn. Matt put an Assert.requiredNonNull on the Registry in > Log4jContextFactory. So even if the exception is caught it can’t be ignored. > Unless I can find a way around this that commit is going to have to be > reverted. > > Ralph > > On Oct 14, 2014, at 7:57 PM, ralph.goers @dslextreme.com > <[email protected]> wrote: > >> I have an app that I was able to run successfully on a vanilla Tomcat. I >> need to check the security settings on te server. Regardless, this should >> not cause initialization to fail. >> >> Ralph >> >> On Tuesday, October 14, 2014, Gary Gregory <[email protected]> wrote: >> IIRC, it looks something Matt was working on recently and he did mention >> working through security issues. Hopefully he will see this message and can >> help out. >> >> It sounds like we need at last one integration tests for Tomcat... >> >> Gary >> >> On Tue, Oct 14, 2014 at 8:30 PM, Ralph Goers <[email protected]> >> wrote: >> I am having a bit of trouble with the latest code. Log4j won’t start in >> tomcat due to a security violation. I am not going to go forward with the >> release until I can determine what the problem is and fix it. >> >> Ralph >> >> ERROR StatusLogger Unable to create class >> org.apache.logging.log4j.core.impl.Log4jContextFactory specified in >> jar:file:/usr/local/jakarta-tomcat/webapps/NextivaDriveBilling/WEB-INF/lib/log4j-core-2.1-SNAPSHOT.jar!/META-INF/log4j-provider.properties >> java.security.AccessControlException: access denied >> (java.lang.RuntimePermission setContextClassLoader) >> at >> java.security.AccessControlContext.checkPermission(AccessControlContext.java:374) >> at >> java.util.concurrent.Executors$PrivilegedThreadFactory.<init>(Executors.java:563) >> at >> java.util.concurrent.Executors.privilegedThreadFactory(Executors.java:321) >> at >> org.apache.logging.log4j.core.util.DefaultShutdownCallbackRegistry.<init>(DefaultShutdownCallbackRegistry.java:54) >> at >> org.apache.logging.log4j.core.impl.Log4jContextFactory.createShutdownCallbackRegistry(Log4jContextFactory.java:117) >> at >> org.apache.logging.log4j.core.impl.Log4jContextFactory.<init>(Log4jContextFactory.java:54) >> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native >> Method) >> at >> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) >> at >> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) >> at java.lang.reflect.Constructor.newInstance(Constructor.java:513) >> at java.lang.Class.newInstance0(Class.java:357) >> at java.lang.Class.newInstance(Class.java:310) >> at org.apache.logging.log4j.LogManager.<clinit>(LogManager.java:96) >> at >> org.apache.logging.log4j.core.config.Configurator.getFactory(Configurator.java:154) >> at >> org.apache.logging.log4j.core.config.Configurator.initialize(Configurator.java:109) >> at >> org.apache.logging.log4j.web.Log4jWebInitializerImpl.initializeNonJndi(Log4jWebInitializerImpl.java:157) >> at >> org.apache.logging.log4j.web.Log4jWebInitializerImpl.start(Log4jWebInitializerImpl.java:107) >> at >> org.apache.logging.log4j.web.Log4jServletContextListener.contextInitialized(Log4jServletContextListener.java:45) >> at >> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3795) >> at >> org.apache.catalina.core.StandardContext.start(StandardContext.java:4252) >> at >> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760) >> at >> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740) >> at >> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544) >> at >> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:884) >> at >> org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:737) >> at >> org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:498) >> at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1203) >> at >> org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:319) >> at >> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120) >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022) >> at org.apache.catalina.core.StandardHost.start(StandardHost.java:736) >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014) >> at >> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) >> at >> org.apache.catalina.core.StandardService.start(StandardService.java:448) >> at >> org.apache.catalina.core.StandardServer.start(StandardServer.java:700) >> at org.apache.catalina.startup.Catalina.start(Catalina.java:552) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295) >> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433) >> >> ERROR StatusLogger Log4j2 could not find a logging implementation. Please >> add log4j-core to the classpath. Using SimpleLogger to log to the console... >> ERROR StatusLogger LogManager returned an instance of >> org.apache.logging.log4j.simple.SimpleLoggerContextFactory which does not >> implement org.apache.logging.log4j.core.impl.Log4jContextFactory. Unable to >> initialize Log4j. >> >> >> >> On Oct 14, 2014, at 9:16 AM, Matt Sicker <[email protected]> wrote: >> >>> Oh crap, you're right. >>> >>> On 14 October 2014 11:05, Gary Gregory <[email protected]> wrote: >>> Don't you have to login to Nexus to release though? >>> >>> Gary >>> >>> On Tue, Oct 14, 2014 at 11:34 AM, Matt Sicker <[email protected]> wrote: >>> Question: if I start the release process with everything signed, can >>> someone else complete it when the vote is done? >>> >>> On 13 October 2014 22:26, Ralph Goers <[email protected]> wrote: >>> Matt can't do it so I will. It will be in the next couple of days. >>> >>> Sent from my iPad >>> >>> On Oct 13, 2014, at 7:22 PM, Gary Gregory <[email protected]> wrote: >>> >>>> Hi All: >>>> >>>> I'm sure we are all busy (I am!) but do we have a plan for cutting what >>>> will hopefully be the last 2.1 RC? >>>> >>>> Gary >>>> >>>> -- >>>> E-Mail: [email protected] | [email protected] >>>> Java Persistence with Hibernate, Second Edition >>>> JUnit in Action, Second Edition >>>> Spring Batch in Action >>>> Blog: http://garygregory.wordpress.com >>>> Home: http://garygregory.com/ >>>> Tweet! http://twitter.com/GaryGregory >>> >>> >>> >>> -- >>> Matt Sicker <[email protected]> >>> >>> >>> >>> -- >>> E-Mail: [email protected] | [email protected] >>> Java Persistence with Hibernate, Second Edition >>> JUnit in Action, Second Edition >>> Spring Batch in Action >>> Blog: http://garygregory.wordpress.com >>> Home: http://garygregory.com/ >>> Tweet! http://twitter.com/GaryGregory >>> >>> >>> >>> -- >>> Matt Sicker <[email protected]> >> >> >> >> >> -- >> E-Mail: [email protected] | [email protected] >> Java Persistence with Hibernate, Second Edition >> JUnit in Action, Second Edition >> Spring Batch in Action >> Blog: http://garygregory.wordpress.com >> Home: http://garygregory.com/ >> Tweet! http://twitter.com/GaryGregory > > > > > -- > Matt Sicker <[email protected]>
