IBM Support

PI67034: ACCESS WAS DENIED FOR PROPERTY ORG.APACHE.JASPER.CONSTANTS.JSP_S ERVLET_BASE.

Fixes are available

9.0.0.2: WebSphere Application Server traditional V9.0 Fix Pack 2
16.0.0.4: WebSphere Application Server Liberty 16.0.0.4
9.0.0.3: WebSphere Application Server traditional V9.0 Fix Pack 3
9.0.0.4: WebSphere Application Server traditional V9.0 Fix Pack 4
9.0.0.5: WebSphere Application Server traditional V9.0 Fix Pack 5
9.0.0.6: WebSphere Application Server traditional V9.0 Fix Pack 6
9.0.0.7: WebSphere Application Server traditional V9.0 Fix Pack 7
17.0.0.1: WebSphere Application Server Liberty 17.0.0.1
17.0.0.2: WebSphere Application Server Liberty 17.0.0.2
17.0.0.3: WebSphere Application Server Liberty 17.0.0.3
17.0.0.4: WebSphere Application Server Liberty 17.0.0.4
18.0.0.1: WebSphere Application Server Liberty 18.0.0.1
18.0.0.2: WebSphere Application Server Liberty 18.0.0.2
9.0.0.8: WebSphere Application Server traditional V9.0 Fix Pack 8
9.0.0.9: WebSphere Application Server traditional V9.0 Fix Pack 9
18.0.0.3: WebSphere Application Server Liberty 18.0.0.3
9.0.0.10: WebSphere Application Server traditional V9.0 Fix Pack 10
18.0.0.4: WebSphere Application Server Liberty 18.0.0.4
19.0.0.1: WebSphere Application Server Liberty 19.0.0.1
19.0.0.2: WebSphere Application Server Liberty 19.0.0.2
19.0.0.3: WebSphere Application Server Liberty 19.0.0.3
9.0.0.11: WebSphere Application Server traditional V9.0 Fix Pack 11
19.0.0.4: WebSphere Application Server Liberty 19.0.0.4
19.0.0.5: WebSphere Application Server Liberty 19.0.0.5
9.0.5.0: WebSphere Application Server traditional Version 9.0.5 Refresh Pack
19.0.0.6: WebSphere Application Server Liberty 19.0.0.6
19.0.0.7: WebSphere Application Server Liberty 19.0.0.7
19.0.0.8: WebSphere Application Server Liberty 19.0.0.8
9.0.5.1: WebSphere Application Server traditional Version 9.0.5 Fix Pack 1
19.0.0.9: WebSphere Application Server Liberty 19.0.0.9
19.0.0.10: WebSphere Application Server Liberty 19.0.0.10
19.0.0.11: WebSphere Application Server Liberty 19.0.0.11
9.0.5.2: WebSphere Application Server traditional Version 9.0.5 Fix Pack 2
19.0.0.12: WebSphere Application Server Liberty 19.0.0.12
20.0.0.1: WebSphere Application Server Liberty 20.0.0.1
20.0.0.2: WebSphere Application Server Liberty 20.0.0.2
9.0.5.3: WebSphere Application Server traditional Version 9.0.5 Fix Pack 3
20.0.0.3: WebSphere Application Server Liberty 20.0.0.3
20.0.0.4: WebSphere Application Server Liberty 20.0.0.4
20.0.0.5: WebSphere Application Server Liberty 20.0.0.5
20.0.0.6: WebSphere Application Server Liberty 20.0.0.6
9.0.5.4: WebSphere Application Server traditional Version 9.0.5 Fix Pack 4
20.0.0.7: WebSphere Application Server Liberty 20.0.0.7
20.0.0.8: WebSphere Application Server Liberty 20.0.0.8
9.0.5.5: WebSphere Application Server traditional Version 9.0.5 Fix Pack 5
20.0.0.9: WebSphere Application Server Liberty 20.0.0.9
20.0.0.10: WebSphere Application Server Liberty 20.0.0.10
20.0.0.11: WebSphere Application Server Liberty 20.0.0.11
20.0.0.12: WebSphere Application Server Liberty 20.0.0.12
9.0.5.6: WebSphere Application Server traditional Version 9.0.5 Fix Pack 6

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Current Java 2 Security policy reported a potential violation of
    Java 2 Security Permission.
    
    Permission:
    
          org.apache.jasper.Constants.JSP_SERVLET_BASE : access
    denied ("java.util.PropertyPermission"
    "org.apache.jasper.Constants.JSP_SERVLET_BASE" "read")
    
    Code:
    
         com.ibm.ws.jsp.tagfile.webinf._test  in
    {file:/opt/Moonstone/WAS/profiles/node1/installedApps/ndcell/PM1
    2658.ear/PM12658.war}
    
    
    
    Stack Trace:
    
    java.security.AccessControlException: access denied
    ("java.util.PropertyPermission"
    "org.apache.jasper.Constants.JSP_SERVLET_BASE" "read")
     at
    java.security.AccessControlContext.checkPermission(AccessControl
    Context.java:472)
     at
    java.security.AccessController.checkPermission(AccessController.
    java:884)
     at
    java.lang.SecurityManager.checkPermission(SecurityManager.java:5
    49)
     at
    com.ibm.ws.security.core.SecurityManager.checkPermission(Securit
    yManager.java:208)
     at
    java.lang.SecurityManager.checkPropertyAccess(SecurityManager.ja
    va:1294)
     at java.lang.System.getProperty(System.java:753)
     at org.apache.jasper.Constants.<clinit>
    (Constants.java:36)
     at org.apache.jasper.el.ELContextImpl.<clinit>
    (ELContextImpl.java:83)
     at
    org.apache.jasper.runtime.JspApplicationContextImpl.createELCont
    ext(JspApplicationContextImpl.java:124)
     at
    org.apache.jasper.runtime.PageContextImpl.getELContext(PageConte
    xtImpl.java:837)
     at
    org.apache.jasper.runtime.JspContextWrapper.getELContext(JspCont
    extWrapper.java:498)
     at
    com.ibm.ws.jsp.tagfile.webinf._test.doTag(_test.java:57)
     at
    com.ibm._jsp._PM12658._jspx_meth_t_test_0(_PM12658.java:119)
     at com.ibm._jsp._PM12658._jspService(_PM12658.java:97)
     at
    com.ibm.ws.jsp.runtime.HttpJspBase.service(HttpJspBase.java:99)
     at
    javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  IBM WebSphere Application Server            *
    *                  Traditional                                 *
    *                  Profile version 9.0 and Liberty Profile     *
    *                  version 16.0.0 users of JavaServer Pages    *
    *                  (JSP)                                       *
    ****************************************************************
    * PROBLEM DESCRIPTION: An AccessControlException is thrown on  *
    *                      Solaris systems where the access is     *
    *                      denied for Constants.JSP_SERVLET_BASE   *
    *                      property.                               *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    An AccessControlException is thrown on Solaris systems where the
    access is denied for
    org.apache.jasper.Constants.JSP_SERVLET_BASE property when Java
    2 Security is enabled. As a result, you will see the following
    issue:
    java.security.AccessControlException: access denied
    ("java.util.PropertyPermission"
    "org.apache.jasper.Constants.JSP_SERVLET_BASE" "read")
    at
    java.security.AccessControlContext.checkPermission(AccessControl
    Context.java:472)
    at
    java.security.AccessController.checkPermission(AccessController.
    java:884)
    at
    java.lang.SecurityManager.checkPermission(SecurityManager.java:5
    49)
    at
    com.ibm.ws.security.core.SecurityManager.checkPermission(Securit
    yManager.java:208)
    at
    java.lang.SecurityManager.checkPropertyAccess(SecurityManager.ja
    va:1294)
    at java.lang.System.getProperty(System.java:753)
    at org.apache.jasper.Constants.<clinit>(Constants.java:36)
    at org.apache.jasper.el.ELContextImpl.<clinit>
    (ELContextImpl.java:83)
    at
    org.apache.jasper.runtime.JspApplicationContextImpl.createELCont
    ext(JspApplicationContextImpl.java:124)
    at
    org.apache.jasper.runtime.PageContextImpl.getELContext(PageConte
    xtImpl.java:837)
    

Problem conclusion

  • The JSP container was modified to fix the access control
    exception on the JSP_SERVLET_BASE property.
    
    The fix for this APAR is currently targeted for inclusion in
    fix pack 9.0.0.2 and 16.0.0.4. Please refer to the Recommended
    Updates page for delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI67034

  • Reported component name

    WEBS APP SERV N

  • Reported component ID

    5724H8800

  • Reported release

    900

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-08-05

  • Closed date

    2016-08-30

  • Last modified date

    2016-08-30

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBS APP SERV N

  • Fixed component ID

    5724H8800

Applicable component levels

  • R900 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"900","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
16 October 2021