Tomcat may not have all permissions granted. The method WebappClassLoader.getThread try to access the root ThreadGroup in order to list all threads. You should either manage SecurityException or avoid to access the parent ThreadGroup of the thread which start Tomcat.
Stack trace?
Tomcat is designed to work out of the box under a security manager. Calls to this particular code either originate from container code that has the necessary permissions or come via a appropriate PrivilegedAction code block. If you change Tomcat's default security permissions then that is likely to break something. Without a stack trace, this is going to get resolved as invalid.
Hello, I run tomcat and other applications under the same JVM. Each application has a thread group and cannot access to thread group of other application. This is enforce by a modified SecurityManager. I know I can authorize Tomcat to access all thread group (I do it in fact) however I would like to remove this permission. Stacktrace just show my SecurityManager throwing a SecurityException to ThreadGroup.getParent(). Javadoc of ThreadGroup.getParent() indicates that a SecurityException can be thrown.
A clean solution could be to have the possibility to set the root thread group in WebappClassLoader. So WebappClassLoader.getThread() can avoid to loop inside parent thread group while not null.
Fixed in trunk for 8.0.0-RC6 and 7.0.x for 7.0.48.