FW: Tomcat Security Exceptions on deployment of example war (reformatted)

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

FW: Tomcat Security Exceptions on deployment of example war (reformatted)

Neil Richards
Hi,

I've been having trouble deploying my MyFaces(2.2.9) app on Tomcat 8 with
the security manager enabled, so I then tried deploying the
myfaces-example-simple-1.1.14.war and had the same problem. I need the
security manager enabled as I am deploying in production on a shared Tomcat
instance and the hosts will not allow the   RuntimePermissions on
org.apache.catalina.core, org.apache.catalina.servlets or
org.apache.jasper.compiler. These are the stack traces I get:

02-Mar-2016 22:08:54.902 INFO [localhost-startStop-1]
org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
Violation, attempt to use Re
stricted Class: org.apache.catalina.servlets.DefaultServlet
 java.security.AccessControlException: access denied
("java.lang.RuntimePermission"
"accessClassInPackage.org.apache.catalina.servlets")
        at
java.security.AccessControlContext.checkPermission(AccessControlContext.java
:472)
        at
java.security.AccessController.checkPermission(AccessController.java:884)
        at
java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at
java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
        at
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoader
Base.java:1243)
        at
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoader
Base.java:1142)
        at java.lang.Class.forName0(Native Method)
        at java.lang.Class.forName(Class.java:264)
        at
org.apache.myfaces.ee6.MyFacesContainerInitializer.isDelegatedFacesServlet(M
yFacesContainerInitializer.java:280)
        at
org.apache.myfaces.ee6.MyFacesContainerInitializer.onStartup(MyFacesContaine
rInitializer.java:150)
        at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
5244)
        at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
        at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:7
25)
        at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
        at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
java:153)
        at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
java:143)
        at java.security.AccessController.doPrivileged(Native Method)
        at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
        at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
        at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
        at
org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
        at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:11
42)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:6
17)
        at java.lang.Thread.run(Thread.java:745)

02-Mar-2016 22:08:59.435 INFO [localhost-startStop-1]
org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
Violation, attempt to use Re
stricted Class: org.apache.jasper.compiler.JspRuntimeContext
 java.security.AccessControlException: access denied
("java.lang.RuntimePermission"
"accessClassInPackage.org.apache.jasper.compiler")
        at
java.security.AccessControlContext.checkPermission(AccessControlContext.java
:472)
        at
java.security.AccessController.checkPermission(AccessController.java:884)
        at
java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at
java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
        at
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoader
Base.java:1243)
        at
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoader
Base.java:1142)
        at java.lang.Class.forName0(Native Method)
        at java.lang.Class.forName(Class.java:264)
        at
org.apache.myfaces.webapp.Jsp21FacesInitializer.getJspFactory(Jsp21FacesInit
ializer.java:88)
        at
org.apache.myfaces.webapp.Jsp21FacesInitializer.initContainerIntegration(Jsp
21FacesInitializer.java:62)
        at
org.apache.myfaces.webapp.AbstractFacesInitializer.initFaces(AbstractFacesIn
itializer.java:172)
        at
org.apache.myfaces.webapp.StartupServletContextListener.contextInitialized(S
tartupServletContextListener.java:121)
        at
org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:
4810)
        at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
5255)
        at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
        at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:7
25)
        at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
        at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
java:153)
        at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
java:143)
        at java.security.AccessController.doPrivileged(Native Method)
        at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
        at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
        at
org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
        at
org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
        at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:11
42)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:6
17)
        at java.lang.Thread.run(Thread.java:745)

I previously had a 2.1.9 version running on Tomcat 6 without any problems.
Is it true that now MyFaces cannot be deployed in these circumstances? If
not, can anyone tell me how I can overcome these problems?

Many thanks,
Neil


Reply | Threaded
Open this post in threaded view
|

Re: FW: Tomcat Security Exceptions on deployment of example war (reformatted)

Werner Punz-2
Hi this is clearly a bug.
Can you please put a bugreport on

https://issues.apache.org/jira/browse/MYFACES

Werner



Am 02.03.16 um 23:12 schrieb Neil Richards:

> Hi,
>
> I've been having trouble deploying my MyFaces(2.2.9) app on Tomcat 8 with
> the security manager enabled, so I then tried deploying the
> myfaces-example-simple-1.1.14.war and had the same problem. I need the
> security manager enabled as I am deploying in production on a shared Tomcat
> instance and the hosts will not allow the   RuntimePermissions on
> org.apache.catalina.core, org.apache.catalina.servlets or
> org.apache.jasper.compiler. These are the stack traces I get:
>
> 02-Mar-2016 22:08:54.902 INFO [localhost-startStop-1]
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
> Violation, attempt to use Re
> stricted Class: org.apache.catalina.servlets.DefaultServlet
>   java.security.AccessControlException: access denied
> ("java.lang.RuntimePermission"
> "accessClassInPackage.org.apache.catalina.servlets")
>          at
> java.security.AccessControlContext.checkPermission(AccessControlContext.java
> :472)
>          at
> java.security.AccessController.checkPermission(AccessController.java:884)
>          at
> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>          at
> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
>          at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoader
> Base.java:1243)
>          at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoader
> Base.java:1142)
>          at java.lang.Class.forName0(Native Method)
>          at java.lang.Class.forName(Class.java:264)
>          at
> org.apache.myfaces.ee6.MyFacesContainerInitializer.isDelegatedFacesServlet(M
> yFacesContainerInitializer.java:280)
>          at
> org.apache.myfaces.ee6.MyFacesContainerInitializer.onStartup(MyFacesContaine
> rInitializer.java:150)
>          at
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
> 5244)
>          at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
>          at
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:7
> 25)
>          at
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
>          at
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> java:153)
>          at
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> java:143)
>          at java.security.AccessController.doPrivileged(Native Method)
>          at
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
>          at
> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
>          at
> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
>          at
> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
>          at
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>          at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:11
> 42)
>          at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:6
> 17)
>          at java.lang.Thread.run(Thread.java:745)
>
> 02-Mar-2016 22:08:59.435 INFO [localhost-startStop-1]
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
> Violation, attempt to use Re
> stricted Class: org.apache.jasper.compiler.JspRuntimeContext
>   java.security.AccessControlException: access denied
> ("java.lang.RuntimePermission"
> "accessClassInPackage.org.apache.jasper.compiler")
>          at
> java.security.AccessControlContext.checkPermission(AccessControlContext.java
> :472)
>          at
> java.security.AccessController.checkPermission(AccessController.java:884)
>          at
> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>          at
> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
>          at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoader
> Base.java:1243)
>          at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoader
> Base.java:1142)
>          at java.lang.Class.forName0(Native Method)
>          at java.lang.Class.forName(Class.java:264)
>          at
> org.apache.myfaces.webapp.Jsp21FacesInitializer.getJspFactory(Jsp21FacesInit
> ializer.java:88)
>          at
> org.apache.myfaces.webapp.Jsp21FacesInitializer.initContainerIntegration(Jsp
> 21FacesInitializer.java:62)
>          at
> org.apache.myfaces.webapp.AbstractFacesInitializer.initFaces(AbstractFacesIn
> itializer.java:172)
>          at
> org.apache.myfaces.webapp.StartupServletContextListener.contextInitialized(S
> tartupServletContextListener.java:121)
>          at
> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:
> 4810)
>          at
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
> 5255)
>          at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
>          at
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:7
> 25)
>          at
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
>          at
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> java:153)
>          at
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> java:143)
>          at java.security.AccessController.doPrivileged(Native Method)
>          at
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
>          at
> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
>          at
> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
>          at
> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
>          at
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>          at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:11
> 42)
>          at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:6
> 17)
>          at java.lang.Thread.run(Thread.java:745)
>
> I previously had a 2.1.9 version running on Tomcat 6 without any problems.
> Is it true that now MyFaces cannot be deployed in these circumstances? If
> not, can anyone tell me how I can overcome these problems?
>
> Many thanks,
> Neil
>
>
>


Reply | Threaded
Open this post in threaded view
|

RE: FW: Tomcat Security Exceptions on deployment of example war (reformatted)

Neil Richards
Hi,

As you can imagine this has become a bit of a showstopper for me. I've added
a bug report but as yet it has not been assigned or commented on etc. Just
wondering how long these issues take to fix? Assume we're talking months?
Need to have some idea to determine how to move forward.

Many thanks,
Neil

-----Original Message-----
From: Werner Punz [mailto:[hidden email]]
Sent: 04 March 2016 07:36
To: [hidden email]
Subject: Re: FW: Tomcat Security Exceptions on deployment of example war
(reformatted)

Hi this is clearly a bug.
Can you please put a bugreport on

https://issues.apache.org/jira/browse/MYFACES

Werner



Am 02.03.16 um 23:12 schrieb Neil Richards:
> Hi,
>
> I've been having trouble deploying my MyFaces(2.2.9) app on Tomcat 8
> with the security manager enabled, so I then tried deploying the
> myfaces-example-simple-1.1.14.war and had the same problem. I need the
> security manager enabled as I am deploying in production on a shared
Tomcat

> instance and the hosts will not allow the   RuntimePermissions on
> org.apache.catalina.core, org.apache.catalina.servlets or
> org.apache.jasper.compiler. These are the stack traces I get:
>
> 02-Mar-2016 22:08:54.902 INFO [localhost-startStop-1]
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
> Violation, attempt to use Re stricted Class:
> org.apache.catalina.servlets.DefaultServlet
>   java.security.AccessControlException: access denied
> ("java.lang.RuntimePermission"
> "accessClassInPackage.org.apache.catalina.servlets")
>          at
> java.security.AccessControlContext.checkPermission(AccessControlContex
> t.java
> :472)
>          at
> java.security.AccessController.checkPermission(AccessController.java:884)
>          at
> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>          at
> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
>          at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClass
> Loader
> Base.java:1243)
>          at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClass
> Loader
> Base.java:1142)
>          at java.lang.Class.forName0(Native Method)
>          at java.lang.Class.forName(Class.java:264)
>          at
> org.apache.myfaces.ee6.MyFacesContainerInitializer.isDelegatedFacesSer
> vlet(M
> yFacesContainerInitializer.java:280)
>          at
> org.apache.myfaces.ee6.MyFacesContainerInitializer.onStartup(MyFacesCo
> ntaine
> rInitializer.java:150)
>          at
>
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:

> 5244)
>          at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
>          at
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.
> java:7
> 25)
>          at
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
>          at
>
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> java:153)
>          at
>
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.

> java:143)
>          at java.security.AccessController.doPrivileged(Native Method)
>          at
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
>          at
> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
>          at
> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
>          at
> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
>          at
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>          at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.j
> ava:11
> 42)
>          at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.
> java:6
> 17)
>          at java.lang.Thread.run(Thread.java:745)
>
> 02-Mar-2016 22:08:59.435 INFO [localhost-startStop-1]
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
> Violation, attempt to use Re stricted Class:
> org.apache.jasper.compiler.JspRuntimeContext
>   java.security.AccessControlException: access denied
> ("java.lang.RuntimePermission"
> "accessClassInPackage.org.apache.jasper.compiler")
>          at
> java.security.AccessControlContext.checkPermission(AccessControlContex
> t.java
> :472)
>          at
> java.security.AccessController.checkPermission(AccessController.java:884)
>          at
> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>          at
> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
>          at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClass
> Loader
> Base.java:1243)
>          at
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClass
> Loader
> Base.java:1142)
>          at java.lang.Class.forName0(Native Method)
>          at java.lang.Class.forName(Class.java:264)
>          at
> org.apache.myfaces.webapp.Jsp21FacesInitializer.getJspFactory(Jsp21Fac
> esInit
> ializer.java:88)
>          at
> org.apache.myfaces.webapp.Jsp21FacesInitializer.initContainerIntegrati
> on(Jsp
> 21FacesInitializer.java:62)
>          at
> org.apache.myfaces.webapp.AbstractFacesInitializer.initFaces(AbstractF
> acesIn
> itializer.java:172)
>          at
> org.apache.myfaces.webapp.StartupServletContextListener.contextInitial
> ized(S
> tartupServletContextListener.java:121)
>          at
>
org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:
> 4810)
>          at
>
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:

> 5255)
>          at
> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
>          at
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.
> java:7
> 25)
>          at
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
>          at
>
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> java:153)
>          at
>
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.

> java:143)
>          at java.security.AccessController.doPrivileged(Native Method)
>          at
> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
>          at
> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
>          at
> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
>          at
> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
>          at
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>          at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.j
> ava:11
> 42)
>          at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.
> java:6
> 17)
>          at java.lang.Thread.run(Thread.java:745)
>
> I previously had a 2.1.9 version running on Tomcat 6 without any problems.
> Is it true that now MyFaces cannot be deployed in these circumstances?
> If not, can anyone tell me how I can overcome these problems?
>
> Many thanks,
> Neil
>
>
>



Reply | Threaded
Open this post in threaded view
|

Re: FW: Tomcat Security Exceptions on deployment of example war (reformatted)

Mike Kienenberger
MyFaces is a project staffed by volunteers.   While things are
normally fixed rather quickly, it all depends on the various
individuals involved with that particular area and their available
free time.

One thing that would greatly speed up the process is if you were to
submit a unified diff patch fixing the problem.

On Wed, Mar 30, 2016 at 11:28 AM, Neil Richards <[hidden email]> wrote:

> Hi,
>
> As you can imagine this has become a bit of a showstopper for me. I've added
> a bug report but as yet it has not been assigned or commented on etc. Just
> wondering how long these issues take to fix? Assume we're talking months?
> Need to have some idea to determine how to move forward.
>
> Many thanks,
> Neil
>
> -----Original Message-----
> From: Werner Punz [mailto:[hidden email]]
> Sent: 04 March 2016 07:36
> To: [hidden email]
> Subject: Re: FW: Tomcat Security Exceptions on deployment of example war
> (reformatted)
>
> Hi this is clearly a bug.
> Can you please put a bugreport on
>
> https://issues.apache.org/jira/browse/MYFACES
>
> Werner
>
>
>
> Am 02.03.16 um 23:12 schrieb Neil Richards:
>> Hi,
>>
>> I've been having trouble deploying my MyFaces(2.2.9) app on Tomcat 8
>> with the security manager enabled, so I then tried deploying the
>> myfaces-example-simple-1.1.14.war and had the same problem. I need the
>> security manager enabled as I am deploying in production on a shared
> Tomcat
>> instance and the hosts will not allow the   RuntimePermissions on
>> org.apache.catalina.core, org.apache.catalina.servlets or
>> org.apache.jasper.compiler. These are the stack traces I get:
>>
>> 02-Mar-2016 22:08:54.902 INFO [localhost-startStop-1]
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
>> Violation, attempt to use Re stricted Class:
>> org.apache.catalina.servlets.DefaultServlet
>>   java.security.AccessControlException: access denied
>> ("java.lang.RuntimePermission"
>> "accessClassInPackage.org.apache.catalina.servlets")
>>          at
>> java.security.AccessControlContext.checkPermission(AccessControlContex
>> t.java
>> :472)
>>          at
>> java.security.AccessController.checkPermission(AccessController.java:884)
>>          at
>> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>>          at
>> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
>>          at
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClass
>> Loader
>> Base.java:1243)
>>          at
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClass
>> Loader
>> Base.java:1142)
>>          at java.lang.Class.forName0(Native Method)
>>          at java.lang.Class.forName(Class.java:264)
>>          at
>> org.apache.myfaces.ee6.MyFacesContainerInitializer.isDelegatedFacesSer
>> vlet(M
>> yFacesContainerInitializer.java:280)
>>          at
>> org.apache.myfaces.ee6.MyFacesContainerInitializer.onStartup(MyFacesCo
>> ntaine
>> rInitializer.java:150)
>>          at
>>
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
>> 5244)
>>          at
>> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
>>          at
>> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.
>> java:7
>> 25)
>>          at
>> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
>>          at
>>
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
>> java:153)
>>          at
>>
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
>> java:143)
>>          at java.security.AccessController.doPrivileged(Native Method)
>>          at
>> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
>>          at
>> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
>>          at
>> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
>>          at
>> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
>>          at
>> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>>          at
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.j
>> ava:11
>> 42)
>>          at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.
>> java:6
>> 17)
>>          at java.lang.Thread.run(Thread.java:745)
>>
>> 02-Mar-2016 22:08:59.435 INFO [localhost-startStop-1]
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
>> Violation, attempt to use Re stricted Class:
>> org.apache.jasper.compiler.JspRuntimeContext
>>   java.security.AccessControlException: access denied
>> ("java.lang.RuntimePermission"
>> "accessClassInPackage.org.apache.jasper.compiler")
>>          at
>> java.security.AccessControlContext.checkPermission(AccessControlContex
>> t.java
>> :472)
>>          at
>> java.security.AccessController.checkPermission(AccessController.java:884)
>>          at
>> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>>          at
>> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
>>          at
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClass
>> Loader
>> Base.java:1243)
>>          at
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClass
>> Loader
>> Base.java:1142)
>>          at java.lang.Class.forName0(Native Method)
>>          at java.lang.Class.forName(Class.java:264)
>>          at
>> org.apache.myfaces.webapp.Jsp21FacesInitializer.getJspFactory(Jsp21Fac
>> esInit
>> ializer.java:88)
>>          at
>> org.apache.myfaces.webapp.Jsp21FacesInitializer.initContainerIntegrati
>> on(Jsp
>> 21FacesInitializer.java:62)
>>          at
>> org.apache.myfaces.webapp.AbstractFacesInitializer.initFaces(AbstractF
>> acesIn
>> itializer.java:172)
>>          at
>> org.apache.myfaces.webapp.StartupServletContextListener.contextInitial
>> ized(S
>> tartupServletContextListener.java:121)
>>          at
>>
> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:
>> 4810)
>>          at
>>
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
>> 5255)
>>          at
>> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
>>          at
>> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.
>> java:7
>> 25)
>>          at
>> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
>>          at
>>
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
>> java:153)
>>          at
>>
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
>> java:143)
>>          at java.security.AccessController.doPrivileged(Native Method)
>>          at
>> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
>>          at
>> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
>>          at
>> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
>>          at
>> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
>>          at
>> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>>          at
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.j
>> ava:11
>> 42)
>>          at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.
>> java:6
>> 17)
>>          at java.lang.Thread.run(Thread.java:745)
>>
>> I previously had a 2.1.9 version running on Tomcat 6 without any problems.
>> Is it true that now MyFaces cannot be deployed in these circumstances?
>> If not, can anyone tell me how I can overcome these problems?
>>
>> Many thanks,
>> Neil
>>
>>
>>
>
>
>
Reply | Threaded
Open this post in threaded view
|

RE: FW: Tomcat Security Exceptions on deployment of example war (reformatted)

Neil Richards
OK thanks :)

-----Original Message-----
From: Mike Kienenberger [mailto:[hidden email]]
Sent: 30 March 2016 16:47
To: MyFaces Discussion <[hidden email]>
Subject: Re: FW: Tomcat Security Exceptions on deployment of example war (reformatted)

MyFaces is a project staffed by volunteers.   While things are
normally fixed rather quickly, it all depends on the various individuals involved with that particular area and their available free time.

One thing that would greatly speed up the process is if you were to submit a unified diff patch fixing the problem.

On Wed, Mar 30, 2016 at 11:28 AM, Neil Richards <[hidden email]> wrote:

> Hi,
>
> As you can imagine this has become a bit of a showstopper for me. I've
> added a bug report but as yet it has not been assigned or commented on
> etc. Just wondering how long these issues take to fix? Assume we're talking months?
> Need to have some idea to determine how to move forward.
>
> Many thanks,
> Neil
>
> -----Original Message-----
> From: Werner Punz [mailto:[hidden email]]
> Sent: 04 March 2016 07:36
> To: [hidden email]
> Subject: Re: FW: Tomcat Security Exceptions on deployment of example
> war
> (reformatted)
>
> Hi this is clearly a bug.
> Can you please put a bugreport on
>
> https://issues.apache.org/jira/browse/MYFACES
>
> Werner
>
>
>
> Am 02.03.16 um 23:12 schrieb Neil Richards:
>> Hi,
>>
>> I've been having trouble deploying my MyFaces(2.2.9) app on Tomcat 8
>> with the security manager enabled, so I then tried deploying the
>> myfaces-example-simple-1.1.14.war and had the same problem. I need
>> the security manager enabled as I am deploying in production on a
>> shared
> Tomcat
>> instance and the hosts will not allow the   RuntimePermissions on
>> org.apache.catalina.core, org.apache.catalina.servlets or
>> org.apache.jasper.compiler. These are the stack traces I get:
>>
>> 02-Mar-2016 22:08:54.902 INFO [localhost-startStop-1]
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
>> Violation, attempt to use Re stricted Class:
>> org.apache.catalina.servlets.DefaultServlet
>>   java.security.AccessControlException: access denied
>> ("java.lang.RuntimePermission"
>> "accessClassInPackage.org.apache.catalina.servlets")
>>          at
>> java.security.AccessControlContext.checkPermission(AccessControlConte
>> x
>> t.java
>> :472)
>>          at
>> java.security.AccessController.checkPermission(AccessController.java:884)
>>          at
>> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>>          at
>> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
>>          at
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClas
>> s
>> Loader
>> Base.java:1243)
>>          at
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClas
>> s
>> Loader
>> Base.java:1142)
>>          at java.lang.Class.forName0(Native Method)
>>          at java.lang.Class.forName(Class.java:264)
>>          at
>> org.apache.myfaces.ee6.MyFacesContainerInitializer.isDelegatedFacesSe
>> r
>> vlet(M
>> yFacesContainerInitializer.java:280)
>>          at
>> org.apache.myfaces.ee6.MyFacesContainerInitializer.onStartup(MyFacesC
>> o
>> ntaine
>> rInitializer.java:150)
>>          at
>>
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
>> 5244)
>>          at
>> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
>>          at
>> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.
>> java:7
>> 25)
>>          at
>> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
>>          at
>>
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
>> java:153)
>>          at
>>
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
>> java:143)
>>          at java.security.AccessController.doPrivileged(Native Method)
>>          at
>> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
>>          at
>> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
>>          at
>> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
>>          at
>> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
>>          at
>> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>>          at
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.
>> j
>> ava:11
>> 42)
>>          at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.
>> java:6
>> 17)
>>          at java.lang.Thread.run(Thread.java:745)
>>
>> 02-Mar-2016 22:08:59.435 INFO [localhost-startStop-1]
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
>> Violation, attempt to use Re stricted Class:
>> org.apache.jasper.compiler.JspRuntimeContext
>>   java.security.AccessControlException: access denied
>> ("java.lang.RuntimePermission"
>> "accessClassInPackage.org.apache.jasper.compiler")
>>          at
>> java.security.AccessControlContext.checkPermission(AccessControlConte
>> x
>> t.java
>> :472)
>>          at
>> java.security.AccessController.checkPermission(AccessController.java:884)
>>          at
>> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
>>          at
>> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
>>          at
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClas
>> s
>> Loader
>> Base.java:1243)
>>          at
>> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClas
>> s
>> Loader
>> Base.java:1142)
>>          at java.lang.Class.forName0(Native Method)
>>          at java.lang.Class.forName(Class.java:264)
>>          at
>> org.apache.myfaces.webapp.Jsp21FacesInitializer.getJspFactory(Jsp21Fa
>> c
>> esInit
>> ializer.java:88)
>>          at
>> org.apache.myfaces.webapp.Jsp21FacesInitializer.initContainerIntegrat
>> i
>> on(Jsp
>> 21FacesInitializer.java:62)
>>          at
>> org.apache.myfaces.webapp.AbstractFacesInitializer.initFaces(Abstract
>> F
>> acesIn
>> itializer.java:172)
>>          at
>> org.apache.myfaces.webapp.StartupServletContextListener.contextInitia
>> l
>> ized(S
>> tartupServletContextListener.java:121)
>>          at
>>
> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:
>> 4810)
>>          at
>>
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
>> 5255)
>>          at
>> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
>>          at
>> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.
>> java:7
>> 25)
>>          at
>> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
>>          at
>>
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
>> java:153)
>>          at
>>
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
>> java:143)
>>          at java.security.AccessController.doPrivileged(Native Method)
>>          at
>> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
>>          at
>> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
>>          at
>> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
>>          at
>> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
>>          at
>> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>>          at
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.
>> j
>> ava:11
>> 42)
>>          at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.
>> java:6
>> 17)
>>          at java.lang.Thread.run(Thread.java:745)
>>
>> I previously had a 2.1.9 version running on Tomcat 6 without any problems.
>> Is it true that now MyFaces cannot be deployed in these circumstances?
>> If not, can anyone tell me how I can overcome these problems?
>>
>> Many thanks,
>> Neil
>>
>>
>>
>
>
>

Reply | Threaded
Open this post in threaded view
|

Re: FW: Tomcat Security Exceptions on deployment of example war (reformatted)

Leonardo Uribe
Hi

I think the problem here is that it is not clear what needs to be fixed.
Looking on the stack trace and in the code:

    protected JspFactory getJspFactory()
    {
        if (jspFactory == null)
        {
            // TODO: this Class.forName will be removed when Tomcat fixes a
bug
            // also, we should then be able to remove jasper.jar from the
deployment
            try
            {

Class.forName("org.apache.jasper.compiler.JspRuntimeContext");
            }
            catch (ClassNotFoundException e)
            {
                // ignore
            }
            catch (Exception ex)
            {
                log.log(Level.FINE, "An unexpected exception occured "
                        + "while loading the JspRuntimeContext.", ex);
            }

            jspFactory = JspFactory.getDefaultFactory();
        }

        return jspFactory;
    }

These lines are very old. Looking on the svn it comes from 1.2.x, see:

https://issues.apache.org/jira/browse/MYFACES-1693

Probably the solution could be catch a Throwable instead an Exception and
swallow it (just log but continue startup). I mean, this line looks like
something done by some reason long time ago by a bug in Tomcat.

It is clear the security manager is causing trouble in this case, but since
JSP was deprecated since JSF 2.0, should we worry about this one?

Please note there is a web config param called
org.apache.myfaces.FACES_INITIALIZER that allows you to bypass the default
initializer and provide a custom one (so you can copy the default
initializer and customize it to your needs), or set
org.apache.myfaces.SUPPORT_JSP_AND_FACES_EL disable JSP and uses
org.apache.myfaces.webapp.FaceletsInitilializer instead.

There are plenty of options to deal with this issue. Please try the options
I have described here and let us know if that works for you or not, so if
necessary we can fix the lines if necessary.

regards,

Leonardo Uribe


2016-03-30 11:40 GMT-05:00 Neil Richards <[hidden email]>:

> OK thanks :)
>
> -----Original Message-----
> From: Mike Kienenberger [mailto:[hidden email]]
> Sent: 30 March 2016 16:47
> To: MyFaces Discussion <[hidden email]>
> Subject: Re: FW: Tomcat Security Exceptions on deployment of example war
> (reformatted)
>
> MyFaces is a project staffed by volunteers.   While things are
> normally fixed rather quickly, it all depends on the various individuals
> involved with that particular area and their available free time.
>
> One thing that would greatly speed up the process is if you were to submit
> a unified diff patch fixing the problem.
>
> On Wed, Mar 30, 2016 at 11:28 AM, Neil Richards <[hidden email]>
> wrote:
> > Hi,
> >
> > As you can imagine this has become a bit of a showstopper for me. I've
> > added a bug report but as yet it has not been assigned or commented on
> > etc. Just wondering how long these issues take to fix? Assume we're
> talking months?
> > Need to have some idea to determine how to move forward.
> >
> > Many thanks,
> > Neil
> >
> > -----Original Message-----
> > From: Werner Punz [mailto:[hidden email]]
> > Sent: 04 March 2016 07:36
> > To: [hidden email]
> > Subject: Re: FW: Tomcat Security Exceptions on deployment of example
> > war
> > (reformatted)
> >
> > Hi this is clearly a bug.
> > Can you please put a bugreport on
> >
> > https://issues.apache.org/jira/browse/MYFACES
> >
> > Werner
> >
> >
> >
> > Am 02.03.16 um 23:12 schrieb Neil Richards:
> >> Hi,
> >>
> >> I've been having trouble deploying my MyFaces(2.2.9) app on Tomcat 8
> >> with the security manager enabled, so I then tried deploying the
> >> myfaces-example-simple-1.1.14.war and had the same problem. I need
> >> the security manager enabled as I am deploying in production on a
> >> shared
> > Tomcat
> >> instance and the hosts will not allow the   RuntimePermissions on
> >> org.apache.catalina.core, org.apache.catalina.servlets or
> >> org.apache.jasper.compiler. These are the stack traces I get:
> >>
> >> 02-Mar-2016 22:08:54.902 INFO [localhost-startStop-1]
> >> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
> >> Violation, attempt to use Re stricted Class:
> >> org.apache.catalina.servlets.DefaultServlet
> >>   java.security.AccessControlException: access denied
> >> ("java.lang.RuntimePermission"
> >> "accessClassInPackage.org.apache.catalina.servlets")
> >>          at
> >> java.security.AccessControlContext.checkPermission(AccessControlConte
> >> x
> >> t.java
> >> :472)
> >>          at
> >>
> java.security.AccessController.checkPermission(AccessController.java:884)
> >>          at
> >> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> >>          at
> >> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
> >>          at
> >> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClas
> >> s
> >> Loader
> >> Base.java:1243)
> >>          at
> >> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClas
> >> s
> >> Loader
> >> Base.java:1142)
> >>          at java.lang.Class.forName0(Native Method)
> >>          at java.lang.Class.forName(Class.java:264)
> >>          at
> >> org.apache.myfaces.ee6.MyFacesContainerInitializer.isDelegatedFacesSe
> >> r
> >> vlet(M
> >> yFacesContainerInitializer.java:280)
> >>          at
> >> org.apache.myfaces.ee6.MyFacesContainerInitializer.onStartup(MyFacesC
> >> o
> >> ntaine
> >> rInitializer.java:150)
> >>          at
> >>
> >
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
> >> 5244)
> >>          at
> >> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
> >>          at
> >> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.
> >> java:7
> >> 25)
> >>          at
> >>
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
> >>          at
> >>
> >
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> >> java:153)
> >>          at
> >>
> >
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> >> java:143)
> >>          at java.security.AccessController.doPrivileged(Native Method)
> >>          at
> >> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
> >>          at
> >> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
> >>          at
> >> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
> >>          at
> >>
> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
> >>          at
> >> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> >>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> >>          at
> >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.
> >> j
> >> ava:11
> >> 42)
> >>          at
> >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.
> >> java:6
> >> 17)
> >>          at java.lang.Thread.run(Thread.java:745)
> >>
> >> 02-Mar-2016 22:08:59.435 INFO [localhost-startStop-1]
> >> org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security
> >> Violation, attempt to use Re stricted Class:
> >> org.apache.jasper.compiler.JspRuntimeContext
> >>   java.security.AccessControlException: access denied
> >> ("java.lang.RuntimePermission"
> >> "accessClassInPackage.org.apache.jasper.compiler")
> >>          at
> >> java.security.AccessControlContext.checkPermission(AccessControlConte
> >> x
> >> t.java
> >> :472)
> >>          at
> >>
> java.security.AccessController.checkPermission(AccessController.java:884)
> >>          at
> >> java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> >>          at
> >> java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
> >>          at
> >> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClas
> >> s
> >> Loader
> >> Base.java:1243)
> >>          at
> >> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClas
> >> s
> >> Loader
> >> Base.java:1142)
> >>          at java.lang.Class.forName0(Native Method)
> >>          at java.lang.Class.forName(Class.java:264)
> >>          at
> >> org.apache.myfaces.webapp.Jsp21FacesInitializer.getJspFactory(Jsp21Fa
> >> c
> >> esInit
> >> ializer.java:88)
> >>          at
> >> org.apache.myfaces.webapp.Jsp21FacesInitializer.initContainerIntegrat
> >> i
> >> on(Jsp
> >> 21FacesInitializer.java:62)
> >>          at
> >> org.apache.myfaces.webapp.AbstractFacesInitializer.initFaces(Abstract
> >> F
> >> acesIn
> >> itializer.java:172)
> >>          at
> >> org.apache.myfaces.webapp.StartupServletContextListener.contextInitia
> >> l
> >> ized(S
> >> tartupServletContextListener.java:121)
> >>          at
> >>
> >
> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:
> >> 4810)
> >>          at
> >>
> >
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:
> >> 5255)
> >>          at
> >> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
> >>          at
> >> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.
> >> java:7
> >> 25)
> >>          at
> >>
> org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:131)
> >>          at
> >>
> >
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> >> java:153)
> >>          at
> >>
> >
> org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.
> >> java:143)
> >>          at java.security.AccessController.doPrivileged(Native Method)
> >>          at
> >> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:699)
> >>          at
> >> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
> >>          at
> >> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:939)
> >>          at
> >>
> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1812)
> >>          at
> >> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> >>          at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> >>          at
> >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.
> >> j
> >> ava:11
> >> 42)
> >>          at
> >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.
> >> java:6
> >> 17)
> >>          at java.lang.Thread.run(Thread.java:745)
> >>
> >> I previously had a 2.1.9 version running on Tomcat 6 without any
> problems.
> >> Is it true that now MyFaces cannot be deployed in these circumstances?
> >> If not, can anyone tell me how I can overcome these problems?
> >>
> >> Many thanks,
> >> Neil
> >>
> >>
> >>
> >
> >
> >
>
>