DO NOT REPLY [Bug 48580] New: 6.0.24: AccessControlException in ProtectedFunctionMapper on first access to certain JSP

bugzilla Wed, 20 Jan 2010 11:55:12 -0800

https://issues.apache.org/bugzilla/show_bug.cgi?id=48580


           Summary: 6.0.24: AccessControlException in
                    ProtectedFunctionMapper on first access to certain JSP
           Product: Tomcat 6
           Version: 6.0.20
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
        AssignedTo: dev@tomcat.apache.org
        ReportedBy: knst.koli...@gmail.com


Steps to reproduce:
1. Download and install 6.0.24 release candidate
2. Run  catalina start -security
3. Access 
http://localhost:8080/examples/jsp/jsp2/el/implicit-objects.jsp?foo=bar
4. Observe error page, with a stacktrace

java.security.AccessControlException: access denied
(java.lang.RuntimePermission accessClassInPackage.org.apache.jasper.security)
  java.security.AccessControlContext.checkPermission(Unknown Source)
  java.security.AccessController.checkPermission(Unknown Source)
  java.lang.SecurityManager.checkPermission(Unknown Source)
  java.lang.SecurityManager.checkPackageAccess(Unknown Source)
  sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
  java.lang.ClassLoader.loadClass(Unknown Source)
  java.lang.ClassLoader.loadClass(Unknown Source)
  java.lang.ClassLoader.loadClassInternal(Unknown Source)
org.apache.jasper.runtime.ProtectedFunctionMapper.getMapForFunction(ProtectedFunctionMapper.java:145)
 
org.apache.jsp.jsp.jsp2.el.implicit_002dobjects_jsp.<clinit>(implicit_002dobjects_jsp.java:13)
...

This issues does not occur if the following JSP page is accessed before the one
where it is observed:
http://localhost:8080/examples/jsp/jsp2/el/basic-arithmetic.jsp

OS: Windows XP, 32-bit,  JRE version:
java version "1.6.0_17"
Java(TM) SE Runtime Environment (build 1.6.0_17-b04)
Java HotSpot(TM) Client VM (build 14.3-b01, mixed mode, sharing)

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

DO NOT REPLY [Bug 48580] New: 6.0.24: AccessControlException in ProtectedFunctionMapper on first access to certain JSP

Reply via email to