tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wsweet...@mac.com
Subject tomcat security issue
Date Wed, 23 Oct 2002 14:12:41 GMT
I have the following exception thrown when attempting to access tomcat  
app resources

WarpEngine[Apache - Tomcat4]: Mapping request
Security Violation, attempt to use Restricted Class:  
org.apache.catalina.core.ApplicationDispatcher
java.security.AccessControlException: access denied  
(java.lang.RuntimePermission  
accessClassInPackage.org.apache.catalina.core)
         at  
java.security.AccessControlContext.checkPermission(AccessControlContext. 
java:270)
         at  
java.security.AccessController.checkPermission(AccessController.java:401 
)
         at  
java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
         at  
java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1513)
         at  
org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLo 
ader.java:1056)
         at  
org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLo 
ader.java:992)
         at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:322)
         at  
org.apache.catalina.core.ApplicationContext.getNamedDispatcher(Applicati 
onContext.java:534)
         at  
org.apache.catalina.core.ApplicationContextFacade.getNamedDispatcher(App 
licationContextFacade.java:179)
         at  
alvolo.servlet.DispatcherServlet.initialiseSession(DispatcherServlet.jav 
a:280)
         at  
alvolo.servlet.DispatcherServlet.doGet(DispatcherServlet.java:146)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at  
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica 
tionFilterChain.java:247)
         at  
org.apache.catalina.core.ApplicationFilterChain.access$0(ApplicationFilt 
erChain.java:197)
         at  
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterC 
hain.java:176)
         at java.security.AccessController.doPrivileged(Native Method)
         at  
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt 
erChain.java:172)
         at  
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv 
e.java:243)
         at  
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja 
va:566)
         at  
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4 
72)
         at  
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
         at  
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv 
e.java:190)
         at  
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja 
va:566)
         at  
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.ja 
va:246)
         at  
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja 
va:564)
         at  
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4 
72)
         at  
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
         at  
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:234 
3)
         at  
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java 
:180)
         at  
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja 
va:566)
         at  
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa 
lve.java:170)
         at  
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja 
va:564)
         at  
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java 
:170)
         at  
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja 
va:564)
         at  
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4 
72)
         at  
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
         at  
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve. 
java:174)
         at  
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja 
va:566)
         at  
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4 
72)
         at  
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
         at  
org.apache.ajp.tomcat4.Ajp13Processor.process(Ajp13Processor.java:429)
         at  
org.apache.ajp.tomcat4.Ajp13Processor.run(Ajp13Processor.java:495)
         at java.lang.Thread.run(Thread.java:536)
StandardClassLoader: Security Violation, attempt to use Restricted  
Class: org.apache.catalina.core.ApplicationDispatcher


Does anybody have any suggestions as to how to attack this issue

Kind regards

Warren


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message