-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 7/22/2014 9:04 AM, George Sexton wrote: > I'm using Tomcat 7.0.54 with the security manager. I'm getting an > exception I don't understand: > > 2014-07-22 09:27:03,934 [http-bio-80-exec-64] ERROR > org.apache.catalina.core.ContainerBase.[Catalina].[somehostname.mhsoftware.com].[/].[jsp]- > > Servlet.service() for servlet [jsp] in context with path [] threw > exception [java.security.AccessControlException: access denied > ("java.lang.RuntimePermission" "getClassLoader")] with root cause > java.security.AccessControlException: access denied > ("java.lang.RuntimePermission" "getClassLoader") at > java.security.AccessControlContext.checkPermission(Unknown Source) > at java.security.AccessController.checkPermission(Unknown Source) > at java.lang.SecurityManager.checkPermission(Unknown Source) at > java.lang.ClassLoader.checkClassLoaderPermission(Unknown Source) at > java.lang.ClassLoader.getParent(Unknown Source) at > org.apache.juli.ClassLoaderLogManager.findProperty(ClassLoaderLogManager.java:295) > > at > org.apache.juli.ClassLoaderLogManager.getProperty(ClassLoaderLogManager.java:266) > > at > org.apache.juli.ClassLoaderLogManager.addLogger(ClassLoaderLogManager.java:144) > > at java.util.logging.LogManager.demandLogger(Unknown Source) at > java.util.logging.Logger.demandLogger(Unknown Source) at > java.util.logging.Logger.getLogger(Unknown Source) at > com.sun.mail.util.MailLogger.<init>(MailLogger.java:115) at > javax.mail.Session.initLogger(Session.java:226) at > javax.mail.Session.<init>(Session.java:210) at > javax.mail.Session.getInstance(Session.java:247) at > com.MHSoftware.net.mail.MHMail.sendSMTP(MHMail.java:470) > > > Line 144 of ClassLoaderLogManager is the addLogger method trying to > read the .level property for the logger being created. > > The catalina.policy is pretty much the stock one. I'm confused > because the catalina.policy has: > > grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { > permission java.lang.RuntimePermission "getClassLoader"; > > The page in question that's erroring out is a JSP that's calling a > per-context jar. The hierarchy looks something like: > > JSP -> context/WEB-INF/lib/jar Class File -> $CATALINA_BASE/lib/ MH > Software.jar -> $CATALINA_BASE javax.mail.jar -> > $CATALINA_HOME/bin/tomcat-juli.jar > > $CATALINA_BASE/lib, has the grant for java.security.AllPermission; > > I don't know if this makes a difference, but I'm using log4j, and > following the instructions here: > > http://tomcat.apache.org/tomcat-7.0-doc/logging.html#Using_Log4j > > I've made $CATALINA_BASE/conf/logging.properties an empty file. > > Finally, it SEEMS to only be happening in JSP files. calls directly > from classes in the context jar file don't seem to be failing. > > If anyone could point me in the right direction, I would really > appreciate it. > >
See if this helps: http://www.oracle.com/technetwork/java/faq-135477.html#securityManager . . . just my two cents /mde/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTzpRyAAoJEEFGbsYNeTwtx0IH/1cc385fyYb5vYfjXyt0NJHk W+QG5KTGmBN2fU59J8wjdQ3vzYc4Ysa2rJO98fx90a682P2XrpxesdcHJeE1Za6+ E48WksP+uPQ9KnmEUOv+XMeCrY8gKknZgL/XrjKHkJhlsr2pP0VUdcgzdJph4hZm UDoKAnFkPTJ6Pj3gWcTJMNo/Hs5/Jdt4LD4SKVRlI/9lmpiL6RdqL4n3voRHlo6m KTinVBBDSjY2mZuuOML3B3JbnZOBUuUsj8/jH1L7DBWdIfgKKF2il9858ckDNLZc p4TAlCbGpNZBD1E/bS3BWwmGAcGtebpbgiFG+c9dgA5FI4OhLc84y8HflwdTgb0= =Q8u+ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org