2012/8/3 Dale Ogilvie <dale_ogil...@trimble.com>:
> Hi,
>
> I'm seeing this problem below appearing now with one of our web-apps, google
> has not helped me so far... There have been no changes with the web app in
> question, which was working, so I'm picking something is going on with either
> the tomcat or OS (virtualized) environment, but what? Any tips as to how to
> figure out what is going on?
>
> root cause
>
> java.lang.ClassCastException: org.apache.jasper.runtime.ELContextImpl cannot
> be cast to org.apache.jasper.el.ELContextImpl
>
> org.apache.jasper.runtime.PageContextImpl.proprietaryEvaluate(PageContextImpl.java:982)
>
> org.apache.jsp.WEB_002dINF.views.promoCodeWelcome_jsp._jspx_meth_c_005fout_005f0(promoCodeWelcome_jsp.java:301)
>
> org.apache.jsp.WEB_002dINF.views.promoCodeWelcome_jsp._jspService(promoCodeWelcome_jsp.java:171)
> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
>
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
>
> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
>
> org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:238)
>
> org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:250)
>
> org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1047)
>
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:817)
>
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719)
>
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
>
> org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
> jcifs.http.NtlmHttpFilter.doFilter(NtlmHttpFilter.java:125)
>
> The app is deployed on Tomcat 7.0.27, java 1.6_026, erroring jsp line:
>
> <c:out value="${fn:length(promoCodeSpecCommand.user)}" />
>
>(...)
> I found the problem, but I am confused as to WHY it is a problem.
> *Another webapp* on the same tomcat instance includes the following jar
> in its WEB-INF/lib:
>
> jsp-2.1-6.1.14.jar
>
> This jar contains the offending class
> "org.apache.jasper.runtime.ELContextImpl".
>
> If I remove this *other* application (app2) from the server, the
> ClassCastException in app1 goes away.
>
> I thought the WEB-INF/lib directories for different applications were
> isolated from each other, but in this case it appears app1 is using a
> class from app2. This seems rather bad to me.
1. Tomcat 7.0.26 and earlier has static field
JspApplicationContextImpl.ExpressionFactory, so the EL implementation
is effectively shared between web applications.
This was a bug, noted and fixed in 7.0.27 (see BZ 52998),
http://svn.apache.org/viewvc?view=revision&revision=1307581
2. I do not know why you are observing the issue with 7.0.27.
Either the fix was incomplete,
or maybe the JSPs were compiled with an earlier version of Tomcat. Try
clearing the work folder so that they are recompiled.
or it is caused specifically by "other vendor" using jasper package
names in their classes. E.g. when some jasper classes were loaded by
Tomcat by the first time, it might be loaded from 3rd party JAR
instead of Tomcat.
It is possible to set delegate="true" on a <Loader> element to change
Tomcat classloading behaviour.
3. Regarding protection against "other vendor" using Jasper package classes,
The "package.access" setting in catalina.properties does include the
"org.apache.jasper." package, so a protection is already in place.
Note though that this setting is only effective when you run with
SecurityManager enabled.
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
