Bug 61696 - Initialize Nashorn ScriptEngine with SecurityManager cause a "Security Violation, attempt to use Restricted Class: jdk.internal.dynalink.support.messages".
Summary: Initialize Nashorn ScriptEngine with SecurityManager cause a "Security Violat...
Status: RESOLVED INVALID
Alias: None
Product: Tomcat 8
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 8.5.23
Hardware: PC All
: P2 normal (vote)
Target Milestone: ----
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-30 09:02 UTC by Gherlan Robert
Modified: 2017-11-08 14:15 UTC (History)
0 users


Attachments
Project used to reproduce the security violation error. (228.23 KB, application/zip)
2017-10-30 09:02 UTC, Gherlan Robert 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Gherlan Robert 2017-10-30 09:02:06 UTC 
Created attachment 35475 [details]
Project used to reproduce the security violation error.

When run Tomcat 8.5.23 with SecurityManager and a servlet or a JSP page try to initialize a ScriptManager, then a security violation message is thrown on catalina log:
org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security Violation, attempt to use Restricted Class: jdk.internal.dynalink.support.messages
 java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.jdk.internal.dynalink.support")
 
${catalina.home}/conf/catalina.policy file contains:
grant {
  permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.dynalink.support";
}; 
Same error is thrown if the following lines are present:
grant {
  permission java.security.AllPermission;
};


Same error is reproducible in Tomcat 7, 8, 9, but is not present in Tomcat 6.

The test was made using JDK 1.8.0_144.

In order to reproduce this error, we build a short example(see ScriptManager.war in attachment) containing a simple servlet with the following source code:

package servlet;

import java.io.IOException;
import java.io.PrintWriter;

import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import javax.script.ScriptException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@WebServlet("/")
public class MyServlet extends HttpServlet {

  private static final long serialVersionUID = -1647039991464261998L;

  @Override
  protected void doGet(HttpServletRequest reqest, HttpServletResponse response) throws ServletException, IOException {
    ScriptEngineManager scriptMgr = new ScriptEngineManager();
    ScriptEngine scriptEngine = scriptMgr.getEngineByName("JavaScript");
    PrintWriter out = response.getWriter();
    String name = "Print function is called.";
    try {
      scriptEngine.eval("print('" + name + "')");
    } catch (ScriptException e) {
      out.println("Error executing script: " + e.getMessage());
    }
    out.println("Successfully loaded.");
  }
}

Steps to reproduce:
1) Deploy the provided ScriptManager.war web project (which also includes in the archive the source code) in ${catalina.home}/webapps folder.

2) You can add in ${catalina.home}/conf/catalina.policy file the following lines:

grant {
  permission java.security.AllPermission;
};

but it will not work in this case either.

3) Start server with SecurityManager:
catalina.bat run -security

4) Access the following page: http://localhost:8080/ScriptManager/

Now the following stacktrace is thrown on catalina log:

30-Oct-2017 09:55:31.808 INFO [http-nio-8000-exec-2] org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security Violation, attempt to use Restricted Class: jdk.internal.dynalink.support.messages
 java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.jdk.internal.dynalink.support")
	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
	at java.security.AccessController.checkPermission(AccessController.java:884)
	at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
	at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
	at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1226)
	at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119)
	at java.util.ResourceBundle$Control.newBundle(ResourceBundle.java:2640)
	at java.util.ResourceBundle.loadBundle(ResourceBundle.java:1501)
	at java.util.ResourceBundle.findBundle(ResourceBundle.java:1465)
	at java.util.ResourceBundle.findBundle(ResourceBundle.java:1419)
	at java.util.ResourceBundle.findBundle(ResourceBundle.java:1419)
	at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:1361)
	at java.util.ResourceBundle.getBundle(ResourceBundle.java:1082)
	at java.util.logging.Logger.findResourceBundle(Logger.java:1880)
	at java.util.logging.Logger.setupResourceInfo(Logger.java:1941)
	at java.util.logging.Logger.<init>(Logger.java:380)
	at java.util.logging.LogManager.demandLogger(LogManager.java:554)
	at java.util.logging.Logger.demandLogger(Logger.java:455)
	at java.util.logging.Logger.getLogger(Logger.java:553)
	at jdk.internal.dynalink.support.Guards.<clinit>(Guards.java:101)
	at jdk.nashorn.internal.runtime.Undefined.<clinit>(Undefined.java:51)
	at jdk.nashorn.internal.runtime.ScriptRuntime.<clinit>(ScriptRuntime.java:72)
	at jdk.nashorn.internal.objects.Global.<clinit>(Global.java:193)
	at jdk.nashorn.internal.runtime.Context.newGlobal(Context.java:1111)
	at jdk.nashorn.api.scripting.NashornScriptEngine$2.run(NashornScriptEngine.java:350)
	at jdk.nashorn.api.scripting.NashornScriptEngine$2.run(NashornScriptEngine.java:346)
	at java.security.AccessController.doPrivileged(Native Method)
	at jdk.nashorn.api.scripting.NashornScriptEngine.createNashornGlobal(NashornScriptEngine.java:346)
	at jdk.nashorn.api.scripting.NashornScriptEngine.<init>(NashornScriptEngine.java:143)
	at jdk.nashorn.api.scripting.NashornScriptEngineFactory.getScriptEngine(NashornScriptEngineFactory.java:148)
	at javax.script.ScriptEngineManager.getEngineByName(ScriptEngineManager.java:238)
	at servlet.MyServlet.doGet(MyServlet.java:26)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
	at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:314)
	at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:170)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:225)
	at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:47)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:149)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
	at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:314)
	at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:191)
	at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:47)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:149)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
	at com.edulib.muse.tomcat.valves.ErrorReportValve.invoke(ErrorReportValve.java:115)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)

30-Oct-2017 09:55:31.809 INFO [http-nio-8000-exec-2] org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security Violation, attempt to use Restricted Class: jdk.internal.dynalink.support.messages_en
 java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.jdk.internal.dynalink.support")
	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
	at java.security.AccessController.checkPermission(AccessController.java:884)
	at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
	at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
	at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1226)
	at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119)
	at java.util.ResourceBundle$Control.newBundle(ResourceBundle.java:2640)
	at java.util.ResourceBundle.loadBundle(ResourceBundle.java:1501)
	at java.util.ResourceBundle.findBundle(ResourceBundle.java:1465)
	at java.util.ResourceBundle.findBundle(ResourceBundle.java:1419)
	at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:1361)
	at java.util.ResourceBundle.getBundle(ResourceBundle.java:1082)
	at java.util.logging.Logger.findResourceBundle(Logger.java:1880)
	at java.util.logging.Logger.setupResourceInfo(Logger.java:1941)
	at java.util.logging.Logger.<init>(Logger.java:380)
	at java.util.logging.LogManager.demandLogger(LogManager.java:554)
	at java.util.logging.Logger.demandLogger(Logger.java:455)
	at java.util.logging.Logger.getLogger(Logger.java:553)
	at jdk.internal.dynalink.support.Guards.<clinit>(Guards.java:101)
	at jdk.nashorn.internal.runtime.Undefined.<clinit>(Undefined.java:51)
	at jdk.nashorn.internal.runtime.ScriptRuntime.<clinit>(ScriptRuntime.java:72)
	at jdk.nashorn.internal.objects.Global.<clinit>(Global.java:193)
	at jdk.nashorn.internal.runtime.Context.newGlobal(Context.java:1111)
	at jdk.nashorn.api.scripting.NashornScriptEngine$2.run(NashornScriptEngine.java:350)
	at jdk.nashorn.api.scripting.NashornScriptEngine$2.run(NashornScriptEngine.java:346)
	at java.security.AccessController.doPrivileged(Native Method)
	at jdk.nashorn.api.scripting.NashornScriptEngine.createNashornGlobal(NashornScriptEngine.java:346)
	at jdk.nashorn.api.scripting.NashornScriptEngine.<init>(NashornScriptEngine.java:143)
	at jdk.nashorn.api.scripting.NashornScriptEngineFactory.getScriptEngine(NashornScriptEngineFactory.java:148)
	at javax.script.ScriptEngineManager.getEngineByName(ScriptEngineManager.java:238)
	at servlet.MyServlet.doGet(MyServlet.java:26)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
	at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:314)
	at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:170)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:225)
	at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:47)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:149)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
	at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:314)
	at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:191)
	at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:47)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:149)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
	at com.edulib.muse.tomcat.valves.ErrorReportValve.invoke(ErrorReportValve.java:115)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)

30-Oct-2017 09:55:31.810 INFO [http-nio-8000-exec-2] org.apache.catalina.loader.WebappClassLoaderBase.loadClass Security Violation, attempt to use Restricted Class: jdk.internal.dynalink.support.messages_en_US
 java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.jdk.internal.dynalink.support")
	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
	at java.security.AccessController.checkPermission(AccessController.java:884)
	at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
	at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1564)
	at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1226)
	at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119)
	at java.util.ResourceBundle$Control.newBundle(ResourceBundle.java:2640)
	at java.util.ResourceBundle.loadBundle(ResourceBundle.java:1501)
	at java.util.ResourceBundle.findBundle(ResourceBundle.java:1465)
	at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:1361)
	at java.util.ResourceBundle.getBundle(ResourceBundle.java:1082)
	at java.util.logging.Logger.findResourceBundle(Logger.java:1880)
	at java.util.logging.Logger.setupResourceInfo(Logger.java:1941)
	at java.util.logging.Logger.<init>(Logger.java:380)
	at java.util.logging.LogManager.demandLogger(LogManager.java:554)
	at java.util.logging.Logger.demandLogger(Logger.java:455)
	at java.util.logging.Logger.getLogger(Logger.java:553)
	at jdk.internal.dynalink.support.Guards.<clinit>(Guards.java:101)
	at jdk.nashorn.internal.runtime.Undefined.<clinit>(Undefined.java:51)
	at jdk.nashorn.internal.runtime.ScriptRuntime.<clinit>(ScriptRuntime.java:72)
	at jdk.nashorn.internal.objects.Global.<clinit>(Global.java:193)
	at jdk.nashorn.internal.runtime.Context.newGlobal(Context.java:1111)
	at jdk.nashorn.api.scripting.NashornScriptEngine$2.run(NashornScriptEngine.java:350)
	at jdk.nashorn.api.scripting.NashornScriptEngine$2.run(NashornScriptEngine.java:346)
	at java.security.AccessController.doPrivileged(Native Method)
	at jdk.nashorn.api.scripting.NashornScriptEngine.createNashornGlobal(NashornScriptEngine.java:346)
	at jdk.nashorn.api.scripting.NashornScriptEngine.<init>(NashornScriptEngine.java:143)
	at jdk.nashorn.api.scripting.NashornScriptEngineFactory.getScriptEngine(NashornScriptEngineFactory.java:148)
	at javax.script.ScriptEngineManager.getEngineByName(ScriptEngineManager.java:238)
	at servlet.MyServlet.doGet(MyServlet.java:26)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
	at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:314)
	at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:170)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:225)
	at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:47)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:149)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:282)
	at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:279)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAsPrivileged(Subject.java:549)
	at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:314)
	at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:191)
	at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:47)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:149)
	at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:145)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
	at com.edulib.muse.tomcat.valves.ErrorReportValve.invoke(ErrorReportValve.java:115)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)
Comment 1 Mark Thomas 2017-11-08 14:15:00 UTC 
Thanks for the test case. It really helped make progress on this one quickly.

I as sure as I can be that this is a Nashorn bug. The creation of the static Logger in jdk.internal.dynalink.support.Guards needs to be in a privileged block.

Everything in the Nashorn environment runs in a sandbox with limited privileges. Stepping through the code I see that, at the point the code tries to create the logger, a ProtectionDomain in place with very minimal privileges.

As a work-around, try pre-loading the Guards class. You can use the memory leak prevention listener to do this:

<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"
          classesToInitialize="jdk.internal.dynalink.support.Guards" />


I'm marking this as invalid as I believe the root cause lies outside of Tomcat