tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <>
Subject Re: JAAS/Classloaders/Tomcat4
Date Tue, 23 Oct 2001 16:10:13 GMT
On Tue, 23 Oct 2001, Antony Bowesman wrote:

> Date: Tue, 23 Oct 2001 17:24:56 +0300
> From: Antony Bowesman <>
> Reply-To:
> To: TomcatDev <>
> Subject: JAAS/Classloaders/Tomcat4
> Hi,
> I've been a bit confused after reading the classloader docs for Tomcat
> 4, the %CATALINA_HOME/lib %CATALINA_HOME/classes are accessed via the
> shared classloader but the startup script sets certain jars from
> %CATALINA_HOME/lib on the system classpath.

Actually, the system classpath constructed by the standard startup script
includes exactly the following things:

- $CATALINA_HOME/bin/bootstrap.jar

- $JAVA_HOME/lib/tools.jar (if it exists)

- $JSSE_HOME/lib/{jcert,jnet,jsse}.jar (if they exist)

> JAAS 1.0 requires login config and login modules to be on the system
> classpath so to that end I have put jaas.jar to %CATALINA_HOME/lib and
> added it to the classpath used in catalina.(sh|bat).

You should *not* be doing both of these things -- either put it on the
classpath *or* put it in $CATALINA_HOME/lib.

Have you tried putting JAAS in the System Extensions directory instead
($JAVA_HOME/jre/lib/ext)?  This directory is automatically added "above"
the system class path.

> There is no concept in Tomcat 4.0 of a system classes directory where
> you can just dump the odd class as the classes directory is used by the
> shared classloader.

In Tomcat 4.0, the directory "$CATALINA_HOME/classes" is added to the
shared classloader if it exists at startup time.  This would contain
unJARed classes and resources, analogous to /WEB-INF/classes within a

> I gather the shared classpath will be renamed 'shared/lib + classes' in
> 4.1 but wouldn't it be useful if the catalina startup script set the
> classpath to all the jars in %CATALINA_HOME/lib and
> %CATALINA_HOME/classes.  At least this way no modifications need to be
> done to the startup scripts and JAAS login modules can just be dropped
> into the system classes directory as needed.

Tomcat 3.2 used the technique of actually modifying the system class path.
Unfortunately, it causes platform specific problems, especially on Windows
where there are limits on the overall length of an environment variable,
and lots of strange restrictions on building an environment variable
dynamically in the script.  In addition, editing the class path manually
has historically been the source of a very high percentage of newbie user
errors.  The current approach that Tomcat takes (build class loaders
internally based on the contents of directories) is much more reliable and
less error prone.

Please try putting the JAAS stuff in the system extensions directory and
see if that does the trick for you.

> Rgds
> --
> Antony Bowesman
> Teamware Group
> phone: +358 9 5128 2562
> fax  : +358 9 5128 2705
> intra / extra / Internet solutions at


View raw message