Check your catalina.policy and see if the following 4 permissions are granted in the default policy:
// Required for sevlets and JSP's permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.util"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.util.*"; permission java.lang.RuntimePermission "defineClassInPackage.org.apache.catalina.util"; permission java.lang.RuntimePermission "defineClassInPackage.org.apache.catalina.util.*"; Java 1.4 is more picky about the RuntimePermission accessClassInPackage and defineClassInPackage permissions. Regards, Glenn Dala wrote:
When I use the security manager in Tomcat (4.1.12-LE-jdk1.4) some strange problems occur. When I execute the following simple JSP code: <% request.getParameter("foo"); %> I get the following exception: org.apache.jasper.JasperException: org/apache/catalina/util/ParameterMap at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:2 48) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:289) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:240) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application FilterChain ... I also start tomcat with security debub info enabled (i.e. CATALINA_OPTS=-Djava.security.debug=failure) but the log files do not report any errors, except for the exception of course. I use the standard policy rules as stated in the file catalina.policy. I even tried to grant the additional following rules, but nothing have helped so far: permission java.lang.RuntimePermission "accessClassInPackage.javax.servlet"; permission java.lang.RuntimePermission "accessClassInPackage.javax.servlet.*"; If I grant all permissions (i.e. permission java.security.AllPermission;) to my code base, then everything works fine. What is the problem? Have I missed something obvious here? /Tommy -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
-- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>