问题
For an java web application, I got this error when using JRE 1.6.0_22
java.lang.SecurityException: class "org.apache.log4j.Logger" does not match trust level of other classes in the same package
However, it works fine when using JRE 1.6.0_13.
I searched in Google, and find the there is a security enhancement since update 19.
And for this exception, it says,
The following two SecurityExceptions are thrown after mixed components had previously been detected and a decision was made to allow them to coexist. The exceptions indicate that a component name collision (resource name or class package name) was detected between trusted and untrusted components and the request to load the resource or class was denied.
Now the problem is, how could i find which classes (maybe org.apache.log4j.Logger?) have the collision and which packages they are in?
I find there is a similar question in Oracle forums
回答1:
Interesting link. I didn't have the problem yet - but may it be that you have the jar with "org.apache..." in the JavaEE container classpath somewhere and in the web application.
Look for that and to test remove it from the web app
来源:https://stackoverflow.com/questions/4680823/java-lang-securityexception-class-org-apache-log4j-logger-does-not-match-trus