tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Reich, Matthias" <matthias.re...@siemens.com>
Subject RE: AccessControlException in Coyote Http11Processor (Tomcat 6.0.14). Bug in Coyote ?
Date Thu, 06 Dec 2007 13:10:18 GMT
I think the problem arises because

a.    public static final boolean IS_SECURITY_ENABLED =
        (System.getSecurityManager() != null);

is more a macro definition than a constant definition.
But as Java does not support macros, the compiler cannot replace
occurrences of 'IS_SECURITY_ENABLED' with
'System.getSecurityManager() != null)'

b. As there are multiple classes named 'Constants' in different
packages,
there is no import declaration for org.apache.coyote.Constants in the
Http11Processor class because it would clash with
org.apache.coyote.http11.Constants.

I would guess that with an import declaration the 'Constants' class
would have been resolved earlier by the class loader.
If this is the case, there would be different ways to solve the problem:

1. use

import static org.apache.coyote.Constants.IS_SECURITY_ENABLED;

This is possible since Java 5 and allows to refer to IS_SECURITY_ENABLED
in the code without a package/class qualifier.
I am not sure if this would solve the issue, but it is an easy trial
(afaik Tomcat 6 requires Java 5 anyway).

2. org.apache.coyote.http11.Constants extends
org.apache.coyote.Constants

I have not checked if there would be name conflicts between declartions
in these packages, but if there are any,
I would try to resolve them anyway.
However, this would not allow to declare the Constants classes final.
I am not sure if this has any impact.

3. refactor the class names to avoid name clashes (CoyoteConstants,
CoyoteHttp11Constants, ...)

4. introduce a new class

package org.apache.coyote;

public final class CoyoteMacros  
{
    public static final boolean IS_SECURITY_ENABLED =
        (System.getSecurityManager() != null);
} 


- Matthias


-----Original Message-----
From: Delian Krustev [mailto:tomcat@krustev.net] 
Sent: Thursday, December 06, 2007 10:18 AM
To: Tomcat Users List
Subject: Re: AccessControlException in Coyote Http11Processor (Tomcat
6.0.14). Bug in Coyote ?

On Wed, 05 Dec 2007 22:13:00 +0000 Mark Thomas wrote:
> Did it happen straight away or did it work for a while and then fail?

Dec 3, 2007 10:14:24 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 152362 ms

.. 

Dec 3, 2007 10:17:22 PM org.apache.catalina.core.ApplicationDispatcher
invoke
SEVERE: Servlet.service() for servlet jsp threw exception
java.security.AccessControlException: org/apache/coyote/Constants

I've tried it about 3 minutes after the restart.



>
> I am beginning to think that
> http://svn.apache.org/viewvc?view=rev&rev=505593 introduced a subtle
timing
> issue. If Tomcat internal code causes Constants to be loaded,
everything is
> fine. If the webapp code causes Constants to be loaded, it fails.

It goes live straight away, so I suppose some request from user web 
application might have already been served.

I've been observing this problem for quite a while, and it has been
there all 
the time. 
The HTTP connector stays unused because of this problem.

You might be right -  may be the last time it did not appear because my
test 
was done prior to a request to an application that triggers it.

>
> The fix would be to revert to the (System.getSecurityManager() !=
null)
> test.

I'd be glad to test the patch.


Cheers
--
Delian

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message