I have the following exception thrown when attempting to access tomcat
app resources
WarpEngine[Apache - Tomcat4]: Mapping request
Security Violation, attempt to use Restricted Class:
org.apache.catalina.core.ApplicationDispatcher
java.security.AccessControlException: access denied
(java.lang.RuntimePermission
accessClassInPackage.org.apache.catalina.core)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.
java:270)
at
java.security.AccessController.checkPermission(AccessController.java:401
)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at
java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1513)
at
org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLo
ader.java:1056)
at
org.apache.catalina.loader.StandardClassLoader.loadClass(StandardClassLo
ader.java:992)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:322)
at
org.apache.catalina.core.ApplicationContext.getNamedDispatcher(Applicati
onContext.java:534)
at
org.apache.catalina.core.ApplicationContextFacade.getNamedDispatcher(App
licationContextFacade.java:179)
at
alvolo.servlet.DispatcherServlet.initialiseSession(DispatcherServlet.jav
a:280)
at
alvolo.servlet.DispatcherServlet.doGet(DispatcherServlet.java:146)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:247)
at
org.apache.catalina.core.ApplicationFilterChain.access$0(ApplicationFilt
erChain.java:197)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterC
hain.java:176)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:172)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
e.java:243)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
e.java:190)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:566)
at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.ja
va:246)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:234
3)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:180)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:566)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherVa
lve.java:170)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:170)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:564)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:174)
at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.ja
va:566)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:4
72)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
at
org.apache.ajp.tomcat4.Ajp13Processor.process(Ajp13Processor.java:429)
at
org.apache.ajp.tomcat4.Ajp13Processor.run(Ajp13Processor.java:495)
at java.lang.Thread.run(Thread.java:536)
StandardClassLoader: Security Violation, attempt to use Restricted
Class: org.apache.catalina.core.ApplicationDispatcher
Does anybody have any suggestions as to how to attack this issue
Kind regards
Warren
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
- Re: tomcat security issue wsweetman
- Re: tomcat security issue Jean-Francois Arcand
- Re: tomcat security issue wsweetman
- Re: tomcat security issue Jean-Francois Arcand
- Re: tomcat security issue wsweetman
- Re: tomcat security issue Glenn Nielsen
- Re: tomcat security issue Warren Sweetman
