DO NOT REPLY [Bug 48438] New: RC2 of 6.0.21: java.security.AccessControlException on Error 500 page

Wed, 23 Dec 2009 05:26:50 -0800 

https://issues.apache.org/bugzilla/show_bug.cgi?id=48438

           Summary: RC2 of 6.0.21: java.security.AccessControlException on
                    Error 500 page
           Product: Tomcat 6
           Version: 6.0.20
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Jasper
        AssignedTo: [email protected]
        ReportedBy: [email protected]


Created an attachment (id=24753)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=24753)
/webapps/examples/jsp/tagplugin/if.jsp

Steps to reproduce:
1. Download and install 6.0.21 release candidate "try2"
2. Replace /webapps/examples/jsp/tagplugin/if.jsp with the file attacted to
this bug report. It has a few lines added to reproduce bug 48112.
3. Run  catalina start -security
4. Access http://localhost:8080/examples/jsp/tagplugin/if.jsp
5. Observe Error 500 page with java.security.AccessControlException

java.security.AccessControlException: access denied
(java.lang.RuntimePermission accessClassInPackage.org.apache.jasper.security)
    java.security.AccessControlContext.checkPermission(Unknown Source)
    java.security.AccessController.checkPermission(Unknown Source)
    java.lang.SecurityManager.checkPermission(Unknown Source)
    java.lang.SecurityManager.checkPackageAccess(Unknown Source)
    sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
    java.lang.ClassLoader.loadClass(Unknown Source)
    java.lang.ClassLoader.loadClass(Unknown Source)
    java.lang.ClassLoader.loadClassInternal(Unknown Source)
org.apache.jasper.runtime.ProtectedFunctionMapper.getMapForFunction(ProtectedFunctionMapper.java:145)
    org.apache.jsp.jsp.tagplugin.if_jsp.<clinit>(if_jsp.java:13)

The full stack trace will be in an attachment.

6. If run without Security manager, the error report as described in bug 48112
is observed, that is
(..)
org.apache.el.parser.ParseException: Encountered " <ILLEGAL_CHARACTER> "\' ""
at line 1, column 11.
(..)

5. is the unexpected result, 6. is the expected result

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to