tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Phillip Qin <Phillip....@shareowner.com>
Subject RE: [REPOST]Tomcat with security manager + NoClassDefFoundError
Date Mon, 23 Jun 2003 18:41:02 GMT
The exception that I posted is root cause. The exception is 

javax.servlet.ServletException: Servlet execution threw an exception
	at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application
FilterChain.java:269)
	at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilter
Chain.java:98)
	at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain
.java:176)
......

I solved this problem by including a grant entry

grant codeBase "file:${catalina.home}/webapps/myapp/WEB-INF/struts.jar" {
  permission java.security.AllPermission;
};

But I am wondering if this AllPermission is secure enough or I am opening
more holes.

-----Original Message-----
From: John Turner [mailto:tomcat-user@johnturner.com] 
Sent: June 23, 2003 2:34 PM
To: Tomcat Users List
Subject: Re: [REPOST]Tomcat with security manager + NoClassDefFoundError


Is there a part in your error message that says "Root Cause"?  If so, what 
is it?

John

On Mon, 23 Jun 2003 14:24:36 -0400, Phillip Qin 
<Phillip.Qin@shareowner.com> wrote:

> Don't know if this mailing list filters my post, try it again.
>
> I am frustrated. I have a webapp developed by struts. If I start Tomcat
> without security manager, everything works fine. I can access
> https://myhost.mydomain.com/myapp/mylink.do?myparam=myvalue.
>
> After I start Tomcat -security and access the above link, I got the
> following error. There is an index.jsp. When some one type
> https://myhost.mydomain.com/myapp, this index.jsp will redirect him to 
> the
> home page. It is simply a META refresh. The frustration is, if I access
> https://myhost.mydomain.com/myapp once, then I can always access
> https://myhost.mydomain.com/myapp/mylink.do?myparam=myvalue. I suspect 
> there
> are permission that I need to grant in Catalina.policy.
>
> Any input?
>
> java.lang.NoClassDefFoundError:
> org/apache/coyote/tomcat4/CoyoteRequest$PrivilegedGetSession
> 	at
>
org.apache.coyote.tomcat4.CoyoteRequest.getSession(CoyoteRequest.java:1728) 
>
>
> 	at
>
org.apache.coyote.tomcat4.CoyoteRequestFacade.getSession(CoyoteRequestFacade

>
>
> .java:365)
> 	at
>
org.apache.coyote.tomcat4.CoyoteRequestFacade.getSession(CoyoteRequestFacade

>
>
> .java:375)
> 	at
>
org.apache.struts.action.RequestProcessor.processLocale(RequestProcessor.jav

>
>
> a:631)
> 	at
>
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:230)

>
>
> 	at
> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1480)
> 	at
> org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:506)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> 	at
>
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application

>
>
> FilterChain.java:247)
> 	at
>
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilter

>
>
> Chain.java:98)
> 	at
>
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain

>
>
> .java:176)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at
>
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh

>
>
> ain.java:172)
> 	at
>
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.ja

>
>
> va:256)
> 	at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok

>
>
> eNext(StandardPipeline.java:643)
> 	at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) 
>
>
> 	at
> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> 	at
>
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.ja

>
>
> va:191)
> 	at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok

>
>
> eNext(StandardPipeline.java:643)
> 	at
>
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:2

>
>
> 46)
> 	at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok

>
>
> eNext(StandardPipeline.java:641)
> 	at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) 
>
>
> 	at
> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> 	at
> org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2415)

>
>
> 	at
>
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180

>
>
> )
> 	at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok

>
>
> eNext(StandardPipeline.java:643)
> 	at
>
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.

>
>
> java:171)
> 	at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok

>
>
> eNext(StandardPipeline.java:641)
> 	at
>
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172

>
>
> )
> 	at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok

>
>
> eNext(StandardPipeline.java:641)
> 	at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:509)
> 	at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok

>
>
> eNext(StandardPipeline.java:641)
> 	at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) 
>
>
> 	at
> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> 	at
>
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java

>
>
> :174)
> 	at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok

>
>
> eNext(StandardPipeline.java:643)
> 	at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) 
>
>
> 	at
> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> 	at
> org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
> 	at
> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:261)
> 	at
> org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:360)
> 	at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:604)
> 	at
>
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:562)

>
>
> 	at
> org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:679)
> 	at
>
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav

>
>
> a:619)
> 	at java.lang.Thread.run(Thread.java:536)
>
>
>
>
> -----Original Message-----
> From: Phillip Qin [mailto:Phillip.Qin@shareowner.com] Sent: June 23, 2003 
> 2:23 PM
> To: 'tomcat-user@jakarta.apache.org'
> Subject: tomcat-user filter
>
> Does this mailing list filter words like NoClassDefFoundError or 
> security?
> The message that I was posting never gets to the list.
>
>
>
> Regards,
>
>
>
>
>
>
>
> PQ
>
>
>
> "The difference between 'involvement' and 'commitment'
>
> is like an eggs-and-ham breakfast: the chicken was
>
> 'involved' - the pig was 'committed'."
>
>
>
>



-- 
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message