Grails 5.1.2-Application fails on Tomcat with Security Manager enabled and JDK11

Parpet commented 2 years ago

Expected Behavior

Fresh created Grails 5.1.2-Application should start on Tomcat 9 with Security Manager enabled and all permissions granted (permission java.security.AllPermission in catalina.policy)

Actual Behaviour

Although all permissions are granted, Tomcat with Security Manager enabled and JDK11 throws this error:

'2022-01-27 14:16:26.180 ERROR --- [           main] o.s.boot.SpringApplication               : Application run failed

java.security.AccessControlException: access denied ("java.io.FilePermission" "/srv/catalina/apache-tomcat-9.0.56/webapps/testGrails512/WEB-INF/classes/META-INF/services/io.micronaut.inject.BeanDefinitionReference" "read")

Full log-file catalina.2022-01-27.log is attached.

The same Tomcat-Instance starts correct when changed to JDK8.

Without Security Manager there are no problems with both JDK's.

The workaround from a similar spring-boot issue (starting Tomcat with -Dsun.misc.URLClassPath.disableJarChecking=true) didn't solve this problem.

Steps To Reproduce

grails create-app testGrails512 -profile web cd testGrails512 grails war
In a standalone Tomcat-instance change the content of conf/catalina.policy to
```
grant{
permission java.security.AllPermission;
};
```
drop the war-file into the webapps-folder
start tomcat bin/startup.sh -security

Environment Information

Grails-Application generated on Windows:

grails -version
| Grails Version: 5.1.2
| JVM Version: 11.0.14

Tomcat 9.0.56 on openSUSE-Leap-15.3 (WSL2)

Example Application

No response

Version

5.1.2

manishkbharti commented 2 years ago

Same behavior with Jetty.

java.security.AccessControlException: access denied ("java.io.FilePermission" "/DIR/webapp/WEB-INF/lib/grails-core-5.1.2.jar" "read")

manishkbharti commented 2 years ago

Same with v5.1.5 -

java.security.AccessControlException: access denied ("java.io.FilePermission" "/DIR/webapp/WEB-INF/lib/grails-core-5.1.5.jar" "read")

FYI -- @puneetbehl @jeffbrown

manishkbharti commented 2 years ago

Same with v5.1.7 --

java.security.AccessControlException: access denied ("java.io.FilePermission" "/DIR/webapp/WEB-INF/lib/grails-core-5.1.7.jar" "read")

manishkbharti commented 1 year ago

Same with v5.2.5 --

java.security.AccessControlException: access denied ("java.io.FilePermission" "/DIR/webapp/WEB-INF/lib/grails-core-5.2.5.jar" "read")

grails / grails-core