I am developing a spring-boot web application using version 1.5.6 that is packaged into a war file. This works perfectly fine on my local machine. When I deploy this application on tomcat server on my webspace, the application fails to start because it tries to read 'file:./config/application.properties' and that results in a "java.security.AccessControlException: access denied", see full stack trace below:
22-Aug-2017 20:55:36.687 INFO [ContainerBackgroundProcessor[StandardEngine[Catalina]]] org.apache.catalina.startup.HostConfig.undeploy Undeploying context [/backend-0.0.1]
22-Aug-2017 20:56:16.780 INFO [localhost-startStop-16] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive /tomcat/webapps/backend-0.0.1.war
22-Aug-2017 20:56:35.256 INFO [localhost-startStop-16] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
20:56:36.136 [localhost-startStop-16] DEBUG org.springframework.boot.logging.ClasspathLoggingApplicationListener - Application failed to start with classpath: [file:/tomcat/webapps/backend-0.0.1/WEB-INF/classes/, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/antlr-2.7.7.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/aspectjweaver-1.8.10.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/classmate-1.3.3.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/dom4j-1.6.1.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/hibernate-commons-annotations-5.0.1.Final.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/hibernate-core-5.0.12.Final.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/hibernate-entitymanager-5.0.12.Final.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/hibernate-jpa-2.1-api-1.0.0.Final.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/hibernate-validator-5.3.5.Final.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/jackson-annotations-2.8.0.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/jackson-core-2.8.9.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/jackson-databind-2.8.9.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/jandex-2.0.0.Final.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/javassist-3.21.0-GA.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/javax.transaction-api-1.2.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/jboss-logging-3.3.1.Final.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/jcl-over-slf4j-1.7.25.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/jjwt-0.7.0.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/jul-to-slf4j-1.7.25.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/log4j-over-slf4j-1.7.25.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/logback-classic-1.1.11.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/logback-core-1.1.11.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/mysql-connector-java-5.1.43.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/slf4j-api-1.7.25.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/snakeyaml-1.17.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-aop-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-aspects-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-beans-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-autoconfigure-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-starter-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-starter-aop-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-starter-data-jpa-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-starter-jdbc-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-starter-logging-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-starter-security-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-starter-validation-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-boot-starter-web-1.5.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-context-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-core-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-data-commons-1.13.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-data-jpa-1.11.6.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-expression-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-jdbc-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-orm-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-security-config-4.2.3.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-security-core-4.2.3.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-security-web-4.2.3.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-tx-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-web-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/spring-webmvc-4.3.10.RELEASE.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/tomcat-embed-el-8.5.16.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/tomcat-jdbc-8.5.16.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/tomcat-juli-8.5.16.jar, file:/tomcat/webapps/backend-0.0.1/WEB-INF/lib/validation-api-1.1.0.Final.jar]
20:56:36.141 [localhost-startStop-16] ERROR org.springframework.boot.SpringApplication - Application startup failed
java.lang.IllegalStateException: Failed to load property source from location 'file:./config/application.properties'
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.loadIntoGroup(ConfigFileApplicationListener.java:476)
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.load(ConfigFileApplicationListener.java:465)
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.load(ConfigFileApplicationListener.java:386)
at org.springframework.boot.context.config.ConfigFileApplicationListener.addPropertySources(ConfigFileApplicationListener.java:225)
at org.springframework.boot.context.config.ConfigFileApplicationListener.postProcessEnvironment(ConfigFileApplicationListener.java:195)
at org.springframework.boot.context.config.ConfigFileApplicationListener.onApplicationEnvironmentPreparedEvent(ConfigFileApplicationListener.java:182)
at org.springframework.boot.context.config.ConfigFileApplicationListener.onApplicationEvent(ConfigFileApplicationListener.java:168)
at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:167)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:122)
at org.springframework.boot.context.event.EventPublishingRunListener.environmentPrepared(EventPublishingRunListener.java:74)
at org.springframework.boot.SpringApplicationRunListeners.environmentPrepared(SpringApplicationRunListeners.java:54)
at org.springframework.boot.SpringApplication.prepareEnvironment(SpringApplication.java:325)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:296)
at org.springframework.boot.web.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:151)
at org.springframework.boot.web.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:131)
at org.springframework.boot.web.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:86)
at org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:169)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5205)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752)
at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:129)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:150)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:140)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:726)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:952)
at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1823)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "./config/application.properties" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
at java.io.File.exists(File.java:814)
at org.springframework.core.io.AbstractFileResolvingResource.exists(AbstractFileResolvingResource.java:94)
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.doLoadIntoGroup(ConfigFileApplicationListener.java:487)
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.loadIntoGroup(ConfigFileApplicationListener.java:473)
... 33 common frames omitted
22-Aug-2017 20:56:36.142 SEVERE [localhost-startStop-16] org.apache.catalina.core.ContainerBase.addChildInternal ContainerBase.addChild: start:
org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/backend-0.0.1]]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:167)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752)
at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:129)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:150)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:140)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:726)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:952)
at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1823)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalStateException: Failed to load property source from location 'file:./config/application.properties'
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.loadIntoGroup(ConfigFileApplicationListener.java:476)
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.load(ConfigFileApplicationListener.java:465)
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.load(ConfigFileApplicationListener.java:386)
at org.springframework.boot.context.config.ConfigFileApplicationListener.addPropertySources(ConfigFileApplicationListener.java:225)
at org.springframework.boot.context.config.ConfigFileApplicationListener.postProcessEnvironment(ConfigFileApplicationListener.java:195)
at org.springframework.boot.context.config.ConfigFileApplicationListener.onApplicationEnvironmentPreparedEvent(ConfigFileApplicationListener.java:182)
at org.springframework.boot.context.config.ConfigFileApplicationListener.onApplicationEvent(ConfigFileApplicationListener.java:168)
at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:167)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:122)
at org.springframework.boot.context.event.EventPublishingRunListener.environmentPrepared(EventPublishingRunListener.java:74)
at org.springframework.boot.SpringApplicationRunListeners.environmentPrepared(SpringApplicationRunListeners.java:54)
at org.springframework.boot.SpringApplication.prepareEnvironment(SpringApplication.java:325)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:296)
at org.springframework.boot.web.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:151)
at org.springframework.boot.web.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:131)
at org.springframework.boot.web.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:86)
at org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:169)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5205)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
... 14 more
Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "./config/application.properties" "read")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
at java.security.AccessController.checkPermission(AccessController.java:884)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
at java.io.File.exists(File.java:814)
at org.springframework.core.io.AbstractFileResolvingResource.exists(AbstractFileResolvingResource.java:94)
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.doLoadIntoGroup(ConfigFileApplicationListener.java:487)
at org.springframework.boot.context.config.ConfigFileApplicationListener$Loader.loadIntoGroup(ConfigFileApplicationListener.java:473)
... 33 more
22-Aug-2017 20:56:36.143 SEVERE [localhost-startStop-16] org.apache.catalina.startup.HostConfig.deployWAR Error deploying web application archive /tomcat/webapps/backend-0.0.1.war
java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/backend-0.0.1]]
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:756)
at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:129)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:150)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:140)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:726)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:952)
at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1823)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
22-Aug-2017 20:56:36.146 INFO [localhost-startStop-16] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive /tomcat/webapps/backend-0.0.1.war has finished in 19,366 ms
From my point of view this exception should be handled as if this directory did not exist and proceed with the next step. Anyhow, it should not interrupt the startup process.
Kind regards
Michael
Comment From: snicoll
The application does not fail because the directory does not exist. It does fail because this environment has a security manager in place that prevents the VM to look in certain areas of the file system.
It looks like we should handle such security issue. The core framework does it as well.
Comment From: wilkinsona
5115 is somewhat similar to this
Comment From: jaredtbates
I was thinking about working on fixing this issue, however with JEP-411 deprecating the security manager in JDK 17, is it even necessary anymore?
Comment From: wilkinsona
Thanks, @jaredtbates. You're right, this issue should be closed, aligning with the deprecation of the security manager and the corresponding changes that we made in Spring Framework 6 and Spring Boot 3.