java.lang.SecurityException: class “org.apache.log4j.Logger” does not match trust level of other classes in the same package

百般思念 提交于 2019-12-07 09:30:13

问题


For an java web application, I got this error when using JRE 1.6.0_22

java.lang.SecurityException: class "org.apache.log4j.Logger" does not match trust level of other classes in the same package

However, it works fine when using JRE 1.6.0_13.

I searched in Google, and find the there is a security enhancement since update 19.

And for this exception, it says,

The following two SecurityExceptions are thrown after mixed components had previously been detected and a decision was made to allow them to coexist. The exceptions indicate that a component name collision (resource name or class package name) was detected between trusted and untrusted components and the request to load the resource or class was denied.

Now the problem is, how could i find which classes (maybe org.apache.log4j.Logger?) have the collision and which packages they are in?

I find there is a similar question in Oracle forums


回答1:


Interesting link. I didn't have the problem yet - but may it be that you have the jar with "org.apache..." in the JavaEE container classpath somewhere and in the web application.

Look for that and to test remove it from the web app



来源:https://stackoverflow.com/questions/4680823/java-lang-securityexception-class-org-apache-log4j-logger-does-not-match-trus

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!