Tomcat 7 - java.lang.NoClassDefFoundError: Could not initialize class javax.servlet.http.Cookie
I have an application that use j_security for a form-based authentication. When the application is deployed for the first time (or the tomcat is restarted) user gets this exception when trying access a protected content directly (without login). GRAVE: Servlet.service() for servlet [default] in context with path [/mycontext] threw exception [Could not initialize class javax.servlet.http.Cookie] with root cause java.lang.NoClassDefFoundError: Could not initialize class javax.servlet.http.Cookie at org.apache.catalina.core.ApplicationSessionCookieConfig.createSessionCookie(ApplicationSessionCookieConfig.java:127) at org.apache.catalina.connector.Request.doGetSession(Request.java:2875) at org.apache.catalina.connector.Request.getSession(Request.java:2307) at org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction.run(RequestFacade.java:216) at org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction.run(RequestFacade.java:205) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:894) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:909) at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:238) at com.mycompany.myfilter.SaasComponentImpl.getTenantId(SaasComponentImpl.java:284) The excepted behaviour is to redirect the user to the login form and when the user logs in redirect him to the requested protected resource. But the weird thing is this works correctly if the first request send to the rebooted server ask for the login form!!! It seems that after this tomcat find and load correctly the cookie class and then all the request are handled as expected. Why tomcat cannot find the Cookie class that is for sure in the lib/servlet-api.jar? IMHO, no mmetter when this class is asked to be load for the first time ... it should be there for any valve, servlet, filter, etc ... I'm right? PS: This was working fine before the app was migrated from tomcat 6.
RE: Tomcat 7 - java.lang.NoClassDefFoundError: Could not initialize class javax.servlet.http.Cookie
Answers inline ... -Original Message- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: vendredi 20 janvier 2012 13:06 To: Tomcat Users List Subject: Re: Tomcat 7 - java.lang.NoClassDefFoundError: Could not initialize class javax.servlet.http.Cookie 2012/1/20 Guillermo GARCIA OCHOA guillermo.garcia-oc...@inova-software.com: I have an application that use j_security for a form-based authentication. When the application is deployed for the first time (or the tomcat is restarted) user gets this exception when trying access a protected content directly (without login). GRAVE: Servlet.service() for servlet [default] in context with path [/mycontext] threw exception [Could not initialize class javax.servlet.http.Cookie] with root cause java.lang.NoClassDefFoundError: Could not initialize class javax.servlet.http.Cookie at org.apache.catalina.core.ApplicationSessionCookieConfig.createSessionC ookie(ApplicationSessionCookieConfig.java:127) at org.apache.catalina.connector.Request.doGetSession(Request.java:2875) at org.apache.catalina.connector.Request.getSession(Request.java:2307) at org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction .run(RequestFacade.java:216) at org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction .run(RequestFacade.java:205) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.j ava:894) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.j ava:909) at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletReq uestWrapper.java:238) at com.mycompany.myfilter.SaasComponentImpl.getTenantId(SaasComponentImpl .java:284) The excepted behaviour is to redirect the user to the login form and when the user logs in redirect him to the requested protected resource. But the weird thing is this works correctly if the first request send to the rebooted server ask for the login form!!! It seems that after this tomcat find and load correctly the cookie class and then all the request are handled as expected. Why tomcat cannot find the Cookie class that is for sure in the lib/servlet-api.jar? IMHO, no mmetter when this class is asked to be load for the first time ... it should be there for any valve, servlet, filter, etc ... I'm right? PS: This was working fine before the app was migrated from tomcat 6. 1. Your exact version of Tomcat x.y.z =? *** Tomcat 7.0.23 2. Your OS * Windows server 2008 3. Do you think that you are running with Java's SecurityManager enabled? [1] *** Is enabled whit the same configurations that we used to use with tomcat 6 4. Is there anything else in the logs? * Nothing else I thing that the Could not initialize class message means that the class is found, but its initialization failed. I wonder though why it is not an instance of ExceptionInInitializerError. [1] http://tomcat.apache.org/tomcat-7.0-doc/security-manager-howto.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat 7 - java.lang.NoClassDefFoundError: Could not initialize class javax.servlet.http.Cookie
As suggested, the problem was the security manager: Most of our login related classes are the CATALINA_BASE/lib folder. So uncommenting this lines in the catalina.policy files fix the problem: // If using a per instance lib directory, i.e. ${catalina.base}/lib, // then the following permission will need to be uncommented grant codeBase file:${catalina.base}/lib/- { permission java.security.AllPermission; }; Thanks to Konstantin Kolinko for the quick hint! PS: Why the exception is not clear enough?? -Original Message- From: Guillermo GARCIA OCHOA [mailto:guillermo.garcia-oc...@inova-software.com] Sent: vendredi 20 janvier 2012 13:11 To: Tomcat Users List Subject: RE: Tomcat 7 - java.lang.NoClassDefFoundError: Could not initialize class javax.servlet.http.Cookie Answers inline ... -Original Message- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: vendredi 20 janvier 2012 13:06 To: Tomcat Users List Subject: Re: Tomcat 7 - java.lang.NoClassDefFoundError: Could not initialize class javax.servlet.http.Cookie 2012/1/20 Guillermo GARCIA OCHOA guillermo.garcia-oc...@inova-software.com: I have an application that use j_security for a form-based authentication. When the application is deployed for the first time (or the tomcat is restarted) user gets this exception when trying access a protected content directly (without login). GRAVE: Servlet.service() for servlet [default] in context with path [/mycontext] threw exception [Could not initialize class javax.servlet.http.Cookie] with root cause java.lang.NoClassDefFoundError: Could not initialize class javax.servlet.http.Cookie at org.apache.catalina.core.ApplicationSessionCookieConfig.createSessionC ookie(ApplicationSessionCookieConfig.java:127) at org.apache.catalina.connector.Request.doGetSession(Request.java:2875) at org.apache.catalina.connector.Request.getSession(Request.java:2307) at org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction .run(RequestFacade.java:216) at org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction .run(RequestFacade.java:205) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.j ava:894) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.j ava:909) at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletReq uestWrapper.java:238) at com.mycompany.myfilter.SaasComponentImpl.getTenantId(SaasComponentImpl .java:284) The excepted behaviour is to redirect the user to the login form and when the user logs in redirect him to the requested protected resource. But the weird thing is this works correctly if the first request send to the rebooted server ask for the login form!!! It seems that after this tomcat find and load correctly the cookie class and then all the request are handled as expected. Why tomcat cannot find the Cookie class that is for sure in the lib/servlet-api.jar? IMHO, no mmetter when this class is asked to be load for the first time ... it should be there for any valve, servlet, filter, etc ... I'm right? PS: This was working fine before the app was migrated from tomcat 6. 1. Your exact version of Tomcat x.y.z =? *** Tomcat 7.0.23 2. Your OS * Windows server 2008 3. Do you think that you are running with Java's SecurityManager enabled? [1] *** Is enabled whit the same configurations that we used to use with tomcat 6 4. Is there anything else in the logs? * Nothing else I thing that the Could not initialize class message means that the class is found, but its initialization failed. I wonder though why it is not an instance of ExceptionInInitializerError. [1] http://tomcat.apache.org/tomcat-7.0-doc/security-manager-howto.html Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org