As suggested, the problem was the security manager:
Most of our login related classes are the CATALINA_BASE/lib folder. So
uncommenting this lines in the catalina.policy files fix the problem:
// If using a per instance lib directory, i.e. ${catalina.base}/lib,
// then the following permission will need to be uncommented
grant codeBase "file:${catalina.base}/lib/-" {
permission java.security.AllPermission;
};
Thanks to Konstantin Kolinko for the quick hint!
PS: Why the exception is not clear enough??
-----Original Message-----
From: Guillermo GARCIA OCHOA [mailto:[email protected]]
Sent: vendredi 20 janvier 2012 13:11
To: Tomcat Users List
Subject: RE: Tomcat 7 - java.lang.NoClassDefFoundError: Could not initialize
class javax.servlet.http.Cookie
Answers inline ...
-----Original Message-----
From: Konstantin Kolinko [mailto:[email protected]]
Sent: vendredi 20 janvier 2012 13:06
To: Tomcat Users List
Subject: Re: Tomcat 7 - java.lang.NoClassDefFoundError: Could not initialize
class javax.servlet.http.Cookie
2012/1/20 Guillermo GARCIA OCHOA <[email protected]>:
> I have an application that use j_security for a form-based authentication.
> When the application is deployed for the first time (or the tomcat is
> restarted) user gets this exception when trying access a protected content
> directly (without login).
>
> GRAVE: Servlet.service() for servlet [default] in context with path
> [/mycontext] threw exception [Could not initialize class
> javax.servlet.http.Cookie] with root cause
>
> java.lang.NoClassDefFoundError: Could not initialize class
> javax.servlet.http.Cookie
>
> at
> org.apache.catalina.core.ApplicationSessionCookieConfig.createSessionC
> ookie(ApplicationSessionCookieConfig.java:127)
>
> at
> org.apache.catalina.connector.Request.doGetSession(Request.java:2875)
>
> at
> org.apache.catalina.connector.Request.getSession(Request.java:2307)
>
> at
> org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction
> .run(RequestFacade.java:216)
>
> at
> org.apache.catalina.connector.RequestFacade$GetSessionPrivilegedAction
> .run(RequestFacade.java:205)
>
> at java.security.AccessController.doPrivileged(Native Method)
>
> at
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.j
> ava:894)
>
> at
> org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.j
> ava:909)
>
> at
> javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletReq
> uestWrapper.java:238)
>
> at
> com.mycompany.myfilter.SaasComponentImpl.getTenantId(SaasComponentImpl
> .java:284)
>
> The excepted behaviour is to redirect the user to the login form and when the
> user logs in redirect him to the requested protected resource.
>
> But the weird thing is this works correctly if the first request send to the
> rebooted server ask for the login form!!! It seems that after this tomcat
> find and load correctly the cookie class and then all the request are handled
> as expected.
>
> Why tomcat cannot find the Cookie class that is for sure in the
> lib/servlet-api.jar? IMHO, no mmetter when this class is asked to be load for
> the first time ... it should be there for any valve, servlet, filter, etc ...
> I'm right?
>
> PS: This was working fine before the app was migrated from tomcat 6.
>
1. Your exact version of Tomcat x.y.z =?
******* Tomcat 7.0.23
2. Your OS
********* Windows server 2008
3. Do you think that you are running with Java's SecurityManager enabled? [1]
******* Is enabled whit the same configurations that we used to use with
tomcat 6
4. Is there anything else in the logs?
********* Nothing else
I thing that the "Could not initialize class" message means that the class is
found, but its initialization failed.
I wonder though why it is not an instance of ExceptionInInitializerError.
[1] http://tomcat.apache.org/tomcat-7.0-doc/security-manager-howto.html
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
