You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Phillip Qin <Ph...@shareowner.com> on 2003/06/23 20:24:36 UTC

[REPOST]Tomcat with security manager + NoClassDefFoundError

Don't know if this mailing list filters my post, try it again.

I am frustrated. I have a webapp developed by struts. If I start Tomcat
without security manager, everything works fine. I can access
https://myhost.mydomain.com/myapp/mylink.do?myparam=myvalue.

After I start Tomcat -security and access the above link, I got the
following error. There is an index.jsp. When some one type
https://myhost.mydomain.com/myapp, this index.jsp will redirect him to the
home page. It is simply a META refresh. The frustration is, if I access
https://myhost.mydomain.com/myapp once, then I can always access
https://myhost.mydomain.com/myapp/mylink.do?myparam=myvalue. I suspect there
are permission that I need to grant in Catalina.policy.

Any input?

java.lang.NoClassDefFoundError:
org/apache/coyote/tomcat4/CoyoteRequest$PrivilegedGetSession
	at
org.apache.coyote.tomcat4.CoyoteRequest.getSession(CoyoteRequest.java:1728)
	at
org.apache.coyote.tomcat4.CoyoteRequestFacade.getSession(CoyoteRequestFacade
.java:365)
	at
org.apache.coyote.tomcat4.CoyoteRequestFacade.getSession(CoyoteRequestFacade
.java:375)
	at
org.apache.struts.action.RequestProcessor.processLocale(RequestProcessor.jav
a:631)
	at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:230)
	at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1480)
	at
org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:506)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
	at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application
FilterChain.java:247)
	at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilter
Chain.java:98)
	at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain
.java:176)
	at java.security.AccessController.doPrivileged(Native Method)
	at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh
ain.java:172)
	at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.ja
va:256)
	at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:643)
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
	at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
	at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.ja
va:191)
	at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:643)
	at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:2
46)
	at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:641)
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
	at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
	at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2415)
	at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180
)
	at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:643)
	at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.
java:171)
	at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:641)
	at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172
)
	at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:641)
	at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:509)
	at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:641)
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
	at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
	at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java
:174)
	at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok
eNext(StandardPipeline.java:643)
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
	at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
	at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
	at
org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:261)
	at
org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:360)
	at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:604)
	at
org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:562)
	at
org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:679)
	at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav
a:619)
	at java.lang.Thread.run(Thread.java:536)




-----Original Message-----
From: Phillip Qin [mailto:Phillip.Qin@shareowner.com] 
Sent: June 23, 2003 2:23 PM
To: 'tomcat-user@jakarta.apache.org'
Subject: tomcat-user filter

Does this mailing list filter words like NoClassDefFoundError or security?
The message that I was posting never gets to the list.

 

Regards,

 

 

 

PQ

 

"The difference between 'involvement' and 'commitment'

is like an eggs-and-ham breakfast: the chicken was

'involved' - the pig was 'committed'."

Re: [REPOST]Tomcat with security manager + NoClassDefFoundError

Posted by John Turner <to...@johnturner.com>.

Is there a part in your error message that says "Root Cause"?  If so, what 
is it?

John

On Mon, 23 Jun 2003 14:24:36 -0400, Phillip Qin 
<Ph...@shareowner.com> wrote:

> Don't know if this mailing list filters my post, try it again.
>
> I am frustrated. I have a webapp developed by struts. If I start Tomcat
> without security manager, everything works fine. I can access
> https://myhost.mydomain.com/myapp/mylink.do?myparam=myvalue.
>
> After I start Tomcat -security and access the above link, I got the
> following error. There is an index.jsp. When some one type
> https://myhost.mydomain.com/myapp, this index.jsp will redirect him to 
> the
> home page. It is simply a META refresh. The frustration is, if I access
> https://myhost.mydomain.com/myapp once, then I can always access
> https://myhost.mydomain.com/myapp/mylink.do?myparam=myvalue. I suspect 
> there
> are permission that I need to grant in Catalina.policy.
>
> Any input?
>
> java.lang.NoClassDefFoundError:
> org/apache/coyote/tomcat4/CoyoteRequest$PrivilegedGetSession
> 	at
> org.apache.coyote.tomcat4.CoyoteRequest.getSession(CoyoteRequest.java:1728) 
>
>
> 	at
> org.apache.coyote.tomcat4.CoyoteRequestFacade.getSession(CoyoteRequestFacade 
>
>
> .java:365)
> 	at
> org.apache.coyote.tomcat4.CoyoteRequestFacade.getSession(CoyoteRequestFacade 
>
>
> .java:375)
> 	at
> org.apache.struts.action.RequestProcessor.processLocale(RequestProcessor.jav 
>
>
> a:631)
> 	at
> org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:230) 
>
>
> 	at
> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1480)
> 	at
> org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:506)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> 	at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application 
>
>
> FilterChain.java:247)
> 	at
> org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilter 
>
>
> Chain.java:98)
> 	at
> org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain 
>
>
> .java:176)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh 
>
>
> ain.java:172)
> 	at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.ja 
>
>
> va:256)
> 	at
> org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok 
>
>
> eNext(StandardPipeline.java:643)
> 	at
> org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) 
>
>
> 	at
> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> 	at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.ja 
>
>
> va:191)
> 	at
> org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok 
>
>
> eNext(StandardPipeline.java:643)
> 	at
> org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:2 
>
>
> 46)
> 	at
> org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok 
>
>
> eNext(StandardPipeline.java:641)
> 	at
> org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) 
>
>
> 	at
> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> 	at
> org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2415) 
>
>
> 	at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180 
>
>
> )
> 	at
> org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok 
>
>
> eNext(StandardPipeline.java:643)
> 	at
> org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve. 
>
>
> java:171)
> 	at
> org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok 
>
>
> eNext(StandardPipeline.java:641)
> 	at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172 
>
>
> )
> 	at
> org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok 
>
>
> eNext(StandardPipeline.java:641)
> 	at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:509)
> 	at
> org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok 
>
>
> eNext(StandardPipeline.java:641)
> 	at
> org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) 
>
>
> 	at
> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> 	at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java 
>
>
> :174)
> 	at
> org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok 
>
>
> eNext(StandardPipeline.java:643)
> 	at
> org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) 
>
>
> 	at
> org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
> 	at
> org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
> 	at
> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:261)
> 	at
> org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:360)
> 	at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:604)
> 	at
> org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:562) 
>
>
> 	at
> org.apache.jk.common.SocketConnection.runIt(ChannelSocket.java:679)
> 	at
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav 
>
>
> a:619)
> 	at java.lang.Thread.run(Thread.java:536)
>
>
>
>
> -----Original Message-----
> From: Phillip Qin [mailto:Phillip.Qin@shareowner.com] Sent: June 23, 2003 
> 2:23 PM
> To: 'tomcat-user@jakarta.apache.org'
> Subject: tomcat-user filter
>
> Does this mailing list filter words like NoClassDefFoundError or 
> security?
> The message that I was posting never gets to the list.
>
>
>
> Regards,
>
>
>
>
>
>
>
> PQ
>
>
>
> "The difference between 'involvement' and 'commitment'
>
> is like an eggs-and-ham breakfast: the chicken was
>
> 'involved' - the pig was 'committed'."
>
>
>
>



-- 
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org