-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 7/22/2014 9:04 AM, George Sexton wrote:
> I'm using Tomcat 7.0.54 with the security manager. I'm getting an
> exception I don't understand:
>
> 2014-07-22 09:27:03,934 [http-bio-80-exec-64] ERROR
> org.apache.catalina.core.ContainerBase.[Catalina].[somehostname.mhsoftware.com].[/].[jsp]-
>
>
Servlet.service() for servlet [jsp] in context with path [] threw
> exception [java.security.AccessControlException: access denied
> ("java.lang.RuntimePermission" "getClassLoader")] with root cause
> java.security.AccessControlException: access denied
> ("java.lang.RuntimePermission" "getClassLoader") at
> java.security.AccessControlContext.checkPermission(Unknown Source)
> at java.security.AccessController.checkPermission(Unknown Source)
> at java.lang.SecurityManager.checkPermission(Unknown Source) at
> java.lang.ClassLoader.checkClassLoaderPermission(Unknown Source) at
> java.lang.ClassLoader.getParent(Unknown Source) at
> org.apache.juli.ClassLoaderLogManager.findProperty(ClassLoaderLogManager.java:295)
>
> at
> org.apache.juli.ClassLoaderLogManager.getProperty(ClassLoaderLogManager.java:266)
>
> at
> org.apache.juli.ClassLoaderLogManager.addLogger(ClassLoaderLogManager.java:144)
>
> at java.util.logging.LogManager.demandLogger(Unknown Source) at
> java.util.logging.Logger.demandLogger(Unknown Source) at
> java.util.logging.Logger.getLogger(Unknown Source) at
> com.sun.mail.util.MailLogger.<init>(MailLogger.java:115) at
> javax.mail.Session.initLogger(Session.java:226) at
> javax.mail.Session.<init>(Session.java:210) at
> javax.mail.Session.getInstance(Session.java:247) at
> com.MHSoftware.net.mail.MHMail.sendSMTP(MHMail.java:470)
>
>
> Line 144 of ClassLoaderLogManager is the addLogger method trying to
> read the .level property for the logger being created.
>
> The catalina.policy is pretty much the stock one. I'm confused
> because the catalina.policy has:
>
> grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
> permission java.lang.RuntimePermission "getClassLoader";
>
> The page in question that's erroring out is a JSP that's calling a
> per-context jar. The hierarchy looks something like:
>
> JSP -> context/WEB-INF/lib/jar Class File -> $CATALINA_BASE/lib/ MH
> Software.jar -> $CATALINA_BASE javax.mail.jar ->
> $CATALINA_HOME/bin/tomcat-juli.jar
>
> $CATALINA_BASE/lib, has the grant for java.security.AllPermission;
>
> I don't know if this makes a difference, but I'm using log4j, and
> following the instructions here:
>
> http://tomcat.apache.org/tomcat-7.0-doc/logging.html#Using_Log4j
>
> I've made $CATALINA_BASE/conf/logging.properties an empty file.
>
> Finally, it SEEMS to only be happening in JSP files. calls directly
> from classes in the context jar file don't seem to be failing.
>
> If anyone could point me in the right direction, I would really
> appreciate it.
>
>
See if this helps:
http://www.oracle.com/technetwork/java/faq-135477.html#securityManager
. . . just my two cents
/mde/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJTzpRyAAoJEEFGbsYNeTwtx0IH/1cc385fyYb5vYfjXyt0NJHk
W+QG5KTGmBN2fU59J8wjdQ3vzYc4Ysa2rJO98fx90a682P2XrpxesdcHJeE1Za6+
E48WksP+uPQ9KnmEUOv+XMeCrY8gKknZgL/XrjKHkJhlsr2pP0VUdcgzdJph4hZm
UDoKAnFkPTJ6Pj3gWcTJMNo/Hs5/Jdt4LD4SKVRlI/9lmpiL6RdqL4n3voRHlo6m
KTinVBBDSjY2mZuuOML3B3JbnZOBUuUsj8/jH1L7DBWdIfgKKF2il9858ckDNLZc
p4TAlCbGpNZBD1E/bS3BWwmGAcGtebpbgiFG+c9dgA5FI4OhLc84y8HflwdTgb0=
=Q8u+
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
