Created attachment 35244 [details] logs_2017-08-17.zip Smoke-testing examples webapp of Tomcat 8.0.46 Release Candidate Configuration: Java 7u80, configured connector to use NIO protocol Steps to reproduce: 1. Start Tomcat with SecurityManager enabled > catalina.bat start -security 2. Go to 'Examples' page, click on Websocket examples http://localhost:8080/examples/ http://localhost:8080/examples/websocket/index.xhtml 3. Open 4 websocket examples in new browser tabs http://localhost:8080/examples/websocket/echo.xhtml http://localhost:8080/examples/websocket/chat.xhtml http://localhost:8080/examples/websocket/snake.xhtml http://localhost:8080/examples/websocket/drawboard.xhtml Result: Snake and Drawboard examples fail immediately, printing "WebSocket connection closed" messages into their log areas. In catalina.2017-08-17.log there is exception: [[[ java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.org.apache.catalina.webresources") at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372) at java.security.AccessController.checkPermission(AccessController.java:559) at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1525) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:305) at java.lang.ClassLoader.loadClass(ClassLoader.java:412) at java.lang.ClassLoader.loadClass(ClassLoader.java:358) at org.apache.catalina.webresources.StandardRoot.isPackedWarFile(StandardRoot.java:651) at org.apache.catalina.webresources.CachedResource.validateResource(CachedResource.java:96) at org.apache.catalina.webresources.Cache.getResource(Cache.java:69) at org.apache.catalina.webresources.StandardRoot.getResource(StandardRoot.java:216) at org.apache.catalina.webresources.StandardRoot.getResource(StandardRoot.java:206) at org.apache.catalina.webresources.FileResource.getCodeBase(FileResource.java:224) at org.apache.catalina.loader.WebappClassLoaderBase.findClassInternal(WebappClassLoaderBase.java:2499) at org.apache.catalina.loader.WebappClassLoaderBase.findClass(WebappClassLoaderBase.java:859) at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1302) at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1167) at websocket.snake.SnakeAnnotation.onOpen(SnakeAnnotation.java:78) ]]] This is followed by java.lang.NoClassDefFoundError: websocket/snake/SnakeTimer In localhost.2017-08-17.log there is java.lang.ClassNotFoundException: websocket.drawboard.DrawboardEndpoint$3 A zip with log files is attached.
If I start by visiting one of plain Servlet examples - "Hello world", and go to WebSockets examples after that - all works successfully. I mean. the following sequence of visits. http://localhost:8080/examples/ http://localhost:8080/examples/servlets/ http://localhost:8080/examples/servlets/servlet/HelloWorldExample http://localhost:8080/examples/websocket/index.xhtml http://localhost:8080/examples/websocket/echo.xhtml http://localhost:8080/examples/websocket/chat.xhtml http://localhost:8080/examples/websocket/snake.xhtml http://localhost:8080/examples/websocket/drawboard.xhtml If I run without SecurityManager, all runs successfully as well.
> StandardRoot.isPackedWarFile(StandardRoot.java:651) The code there is [[[ protected boolean isPackedWarFile() { return main instanceof WarResourceSet && preResources.isEmpty() && postResources.isEmpty(); } ]]] If I configure JreMemoryLeakPreventionListener in server.xml to preload WarResourceSet class, this issue does not happen. This is: to work-around this issue, add the following attribute to JreMemoryLeakPreventionListener configured in conf/server.xml: [[[ classesToInitialize="org.apache.catalina.webresources.WarResourceSet" ]]]
Good catch. Fixed in: - 8.0.x for 8.0.47 onwards