• Post Reply Bookmark Topic Watch Topic
  • New Topic

Security Exception while starting tomcat  RSS feed

Bharadwaj Adepu
Ranch Hand
Posts: 99
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi am getting a security exception when i am trying to start the tomcat..
can any one please solve this?
What is the reason for this error?

Mar 12, 2008 11:27:57 AM org.apache.catalina.core.AprLifecycleListener init
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Java\jdk1.5.0\bin;.;C:\WINDOWS\system32;C:\WINDOWS;D:\OraDb10g\bin;C:\Program Files\Java\jdk1.5.0\jre\bin;C:\Program Files\Java\jdk1.5.0\jre\bin\client;C:\Program Files\Java\jdk1.5.0\bin
Mar 12, 2008 11:27:57 AM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-80
Mar 12, 2008 11:27:57 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 786 ms
Mar 12, 2008 11:27:57 AM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Mar 12, 2008 11:27:57 AM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.14
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: java.lang.SecurityException: Servlet of class org.apache.catalina.servlets.InvokerServlet is privileged and cannot be loaded by this web application
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1134)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:981)
at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4045)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4351)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
at org.apache.catalina.core.StandardService.start(StandardService.java:516)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
... 6 more
Anubhav Anand
Ranch Hand
Posts: 341
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As far as I know Invoker servlet, is condemned except for casual testing or development. Some people call it certifiably evil

You may like to view this link.

I suppose you have made the InvokerServlet as your servlet-class in the web.xml file.Something like

A way to reslove the privilege issue may be to have a context.xml file and include something like :

Well, as the verdict has it DON'T use InvokerServlet it is evil.
View this for more details.
An even better explanation is here JavaRanch FAQ-InvokerServlet
[ March 12, 2008: Message edited by: Anubhav Anand ]
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!