2013/10/18 Edoardo Panfili <edoa...@aspix.it>: > > I didn't touch the manager application (at least not voluntarily!). > > > >> That may also explain why the latest logfile did not show any problem. >> It was probably copied before the first real call to the Manager happened. > > >> Right now though, there is probably the same error message in the logs >> as before, because Edoardo tried to call the Manager app, /after/ he >> sent us the startup logfile. > > Are we talking of catalina.out? if so: no. the problem is that the exception > log is not in catalina.out (or > catalina-daemon.out in my system) but in manager.2013-10-18.log > > ott 18, 2013 6:44:14 PM org.apache.catalina.core.ApplicationContext log > > Informazioni: Marking servlet Manager as unavailable > ott 18, 2013 6:44:14 PM org.apache.catalina.core.StandardWrapperValve invoke > > Grave: Allocate exception for servlet Manager > java.lang.SecurityException: Restricted (ContainerServlet) class > org.apache.catalina.manager.ManagerServlet > at > org.apache.catalina.core.DefaultInstanceManager.checkAccess(DefaultInstanceManager.java:538) > at > org.apache.catalina.core.DefaultInstanceManager.loadClassMaybePrivileged(DefaultInstanceManager.java:511) > at > org.apache.catalina.core.DefaultInstanceManager.newInstance(DefaultInstanceManager.java:137) > at > org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1144) > at > org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:865) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:136) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:611) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) > at > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1023) > at > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) > at > org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at java.lang.Thread.run(Thread.java:724) > > (the same as before) >
The code: http://svn.apache.org/viewvc/tomcat/tc7.0.x/tags/TOMCAT_7_0_40/java/org/apache/catalina/core/DefaultInstanceManager.java?view=markup#l538 To clarify: it is not related with Java SecurityManager. It is an explicit check in Tomcat code that prohibits usage of special servlets (such as the Manager one) in web applications that are not marked as "privileged". It means that OP's manager web application does not have privileged="true" in its context xml file. The default context.xml of the manager webapp in Tomcat 7 is in $CATALINA_HOME/webapps/manager/META-INF/context.xml. It may be that the file is missing, is not readable, or it is not effective (e.g. if it is shadowed by another definition of the same context elsewhere. There exist several ways on how a context can be configured). See [1]. As Martin Gainty noted, it seems that there is quite a number of errors in how OP's web applications are deployed. All allowed attributes are documented in [1]. [1] http://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Defining_a_context Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
