Bug 63412 - WebSocket examples in Tomcat 9.0.20 RC fail with SecurityManager
Summary: WebSocket examples in Tomcat 9.0.20 RC fail with SecurityManager
Alias: None
Product: Tomcat 9
Classification: Unclassified
Component: Examples (show other bugs)
Version: 9.0.x
Hardware: PC All
: P2 normal (vote)
Target Milestone: -----
Assignee: Tomcat Developers Mailing List
Depends on:
Reported: 2019-05-08 16:06 UTC by Konstantin Kolinko
Modified: 2019-05-08 19:38 UTC (History)
0 users

catalina.2019-05-08.log (45.46 KB, text/plain)
2019-05-08 16:06 UTC, Konstantin Kolinko

Note You need to log in before you can comment on or make changes to this bug.
Description Konstantin Kolinko 2019-05-08 16:06:42 UTC
Created attachment 36577 [details]

Smoke-testing Tomcat 9.0.20 release candidate:
running apache-tomcat-9.0.20-windows-x64.zip + OpenJDK Java 12.0.1 64-bit on Windows 10.

WebSocket examples are failing and are not usable.

1. I opened all websocket examples in different tabs.
2. Testing the "echo" example:

1) The "Connect" button works, a connection is opened. 
2) Messages are sent to the server ("Sent: Here is a message!" line is printed), but there is no echo from server (nothing is received).
3) The "Disconnect" button does not work.
4) The connection closes itself after a timeout. The following is printed:
"Info: WebSocket connection closed, Code: 1006"

3. Other WebSocket examples fail to initialize. They open a connection but fail to operate any further.

4. If I run the same version of Tomcat and Java without enabling a SecurityManager, the WebSocket examples work correctly.

BTW, other examples work correctly. Running them with SecurityManager being enabled I do not note any issues.
Comment 1 Remy Maucherat 2019-05-08 17:05:38 UTC
I'm pretty sure it tries and fails to load the enums only there. Things worked mostly by accident before, and the classes of SocketWrapperBase should all be preloaded now since they're API usable in webapps now.
Will test it.
Comment 2 Remy Maucherat 2019-05-08 19:38:08 UTC
This will be fixed in 9.0.21. This is caused by the new async IO API which is now enabled by default (you can set useAsyncIO="false" on the Connector to avoid the exception; or add the permission to the policy file for now, IMO it's the best way).

In catalina.policy:
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.util.net";