AccessToken class can't be found while accessing application

[mhfrq]

security related dependencies, get dependency tree with mvn dependency:tree:

[INFO] +- org.apache.tomee:javaee-api:jar:7.0-2:compile [INFO] +- com.sap.cloud.security:java-api:jar:2.8.4:provided [INFO] | - com.google.code.findbugs:jsr305:jar:3.0.2:provided [INFO] +- com.sap.cloud.security.xsuaa:token-client:jar:2.8.4:provided [INFO] | +- org.slf4j:slf4j-api:jar:1.7.30:provided [INFO] | +- com.sap.cloud.security.xsuaa:api:jar:2.8.4:provided [INFO] | +- org.json:json:jar:20201115:provided [INFO] | - com.github.ben-manes.caffeine:caffeine:jar:2.8.8:provided [INFO] | +- org.checkerframework:checker-qual:jar:3.8.0:provided [INFO] | - com.google.errorprone:error_prone_annotations:jar:2.4.0:provided [INFO]+- org.apache.httpcomponents:httpclient:jar:4.5.9:compile [INFO] | +- org.apache.httpcomponents:httpcore:jar:4.4.11:compile [INFO] | +- commons-logging:commons-logging:jar:1.2:compile [INFO] | - commons-codec:commons-codec:jar:1.11:compile [INFO] +- com.sap.cloud.security:java-security:jar:2.8.4:provided [INFO] | - commons-io:commons-io:jar:2.8.0:compile ...

(SAP) Java buildpack version, e.g. 1.26.1:

1.32.0

debug logs:

org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/].[MyServlet] Servlet.service() for servlet [MyServlet] in context with path [] threw exception [Servlet execution threw an exception] with root cause

java.lang.ClassNotFoundException: com.sap.cloud.security.token.AccessToken at java.net.URLClassLoader.findClass(URLClassLoader.java:444) at java.lang.ClassLoader.loadClass(ClassLoader.java:480) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:384) at java.lang.ClassLoader.loadClass(ClassLoader.java:413) ... at javax.servlet.http.HttpServlet.service(HttpServlet.java:626) at javax.servlet.http.HttpServlet.service(HttpServlet.java:733) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.tomee.webservices.CXFJAXRSFilter.doFilter(CXFJAXRSFilter.java:83) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) at org.apache.tomee.catalina.OpenEJBValve.invoke(OpenEJBValve.java:44) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:669) at com.sap.xs.security.container.XSSecurityAuthenticator.invoke(XSSecurityAuthenticator.java:62) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) at org.apache.tomee.catalina.OpenEJBSecurityListener$RequestCapturer.invoke(OpenEJBSecurityListener.java:97) at com.sap.xs.java.valves.ErrorReportValve.invoke(ErrorReportValve.java:66) at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) at com.sap.xs.jdbc.datasource.valve.JDBCValve.invoke(JDBCValve.java:62) at com.sap.xs.security.TenantIdValve.invoke(TenantIdValve.java:34) at com.sap.xs.security.UserInfoValve.invoke(UserInfoValve.java:18) at com.sap.xs.statistics.tomcat.valve.RequestTracingValve.invoke(RequestTracingValve.java:43) at com.sap.xs.logging.catalina.RuntimeInfoValve.invoke(RuntimeInfoValve.java:42) at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:764) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:616) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:831) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1634) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:836)

issue you’re facing / steps to reproduce:

While trying to access my application I get an Class Not Found Exception from AccessToken. (Build or Deployment doesn't throw any errors)

I'm importing sap-java-buildpack-bom and cf-tomee7-bom (version 1.32.0) in my pom.xml, and listing the java-api as dependency (like in this example: https://github.com/SAP/cloud-security-xsuaa-integration/blob/master/samples/sap-java-buildpack-api-usage/pom.xml)

I also tried to use the "compile"-scope, so the java-api jar is deployed within my war file in WEB-INF/lib folder. Still the class can't be found by the ClassLoader.

Any help is greatly appreciated.

[nenaraab]

Hi @mhfrq

there is something strange in your setup, as version 2.8.4 already provides AccessToken with java-api. What if you remove the tomcat dependency? I can just say, the sample is working properly with version 1.32.0

Best regards, Nena

[mhfrq]

Hello @nenaraab

This problem was caused by wrong maven configurations, but we were able to fix it. Thank you for your fast reply and support!

Best regards, Maria

[nenaraab]

HI @mhfrq thanks for your feedback!