tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <>
Subject Re: [T4m4] java.lang.SecurityException
Date Thu, 09 Nov 2000 19:22:28 GMT wrote:

> I am trying to run T4m4 with my webapp and I am receiving a
> java.lang.SecurityException : sealing exception
> This is because my servlet is trying to instantiate a singleton object in
> the webapp that reads its config info from a file on the classpath using a
> mildy modified version of the XML mapper from Tomcat (just renamed the
> package so I can use it).
> I was under the assumption that the security stuff didn't run if you just
> ran bin/  Is that still the case?

"Sealing violation" problems just started showing up in m4.  The only thing I
can think of that's different is I compiled with optimization on, but it's
still under investigation.  As I understand it, a sealing violation means
you're trying to load a class in a particular package from a different JAR file
than other classes of that same package were found.

One issue you might run into with the "modified XML mapper" is that, if the
mapper classes themselves are on the system class path, they won't be able to
see classes in WEB-INF/classes or WEB-INF/lib/*.jar -- class loader delegation
goes up the hierarchy, but not down.  You might need to ensure that all your
classes are under WEB-INF (or all your classes are on the classpath) to make
this work.

I ran into exactly this situation with the Digester module in Struts
<>, which is pretty similar in principle to
XmlMapper, and it is one of the reasons for the restriction that struts.jar
*must* be in your WEB-INF/lib directory.

> How can I get around this if I am just using the supplied script
> with no parameters?
> Thanks
> Scott Sanders

Craig McClanahan

View raw message