tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Francois Arcand <>
Subject Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
Date Mon, 23 Jun 2003 20:42:02 GMT

that's a bug in Tomcat. You should not received that exception, which 
means that the classloader is unable to load some package protected 
classes. The 
org/apache/coyote/tomcat4/CoyoteRequest$PrivilegedGetSession needs to be 
loaded when Tomcat starts, not when you do your first invokation (Tomcat 
5 handles the current case).

Which Tomcat version are you using (4.1.?)?

-- Jeanfrancois

Phillip Qin wrote:

>I have already added that one, plus
>- ReflectPermission "suppressAccessChecks" for a commons-beanutils bug
>- FilePermission for log4j
>-----Original Message-----
>From: Jason Bainbridge [] 
>Sent: June 23, 2003 3:48 PM
>To: Tomcat Users List
>Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError
>Was just doing a bit of reading:
>Running Struts Applications Under A Security Manager
>Many application servers execute web applications under the control of a
>security manager, with restricted permissions on what classes in the web 
>application can do. If you utilize form beans with mapped properties, you
>encounter security exceptions unless you add the following permission to the
>set of permissions granted to your Struts application's codebase:
>permission java.lang.RuntimePermission "accessDeclaredMembers";
>It still seems strange though that it was throwing a NoClassDefFoundError,
>you maybe try the above as an alternative fix and see if that resolves the 

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message