Bug 1240279 - The command tomcat-digest doesn't work with RHEL 7
Summary: The command tomcat-digest doesn't work with RHEL 7
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: tomcat   
(Show other bugs)
Version: 7.0
Hardware: Unspecified
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Coty Sutherland
QA Contact: fgoldefu
Lucie Maňásková
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 1203710 1298191 1313485 1364056 1364068
TreeView+ depends on / blocked
 
Reported: 2015-07-06 12:29 UTC by Pankaj Degave
Modified: 2016-11-03 21:09 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Release Note
Doc Text:
Fix for *tomcat-digest* to generate password hashes When using the *tomcat-digest* utility to create an SHA hash of Tomcat passwords, the command terminated unexpectedly with the *ClassNotFoundException* Java exception. A patch has been provided to fix this bug and *tomcat-digest* now generates password hashes as expected.
Story Points: ---
Clone Of:
: 1364056 1364068 (view as bug list)
Environment:
Last Closed: 2016-11-03 21:09:08 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker JWS-232 Critical Closed Tomcat 7/8 RPM: obsolete digest script 2018-10-30 16:34 UTC
Red Hat Product Errata RHSA-2016:2599 normal SHIPPED_LIVE Moderate: tomcat security, bug fix, and enhancement update 2016-11-03 12:12:12 UTC

Description Pankaj Degave 2015-07-06 12:29:25 UTC
Description of problem:
1. When using cmd "tomcat-digest" in order to create a SHA hash of tomcat passwords,the cmd fails with below java exception.
~~~
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/tomcat/util/ExceptionUtils
        at org.apache.catalina.startup.Tool.main(Tool.java:230)
Caused by: java.lang.ClassNotFoundException: org.apache.tomcat.util.ExceptionUtils
        at java.net.URLClassLoader$1.run(URLClassLoader.java:366)
        at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
        ... 1 more
~~~

Version-Release number of selected component (if applicable):
~~~
Server version: Apache Tomcat/7.0.54
Server built:   Mar 24 2015 07:49:05
Server number:  7.0.54.0
OS Name:        Linux
OS Version:     3.10.0-229.el7.x86_64
Architecture:   amd64
~~~
How reproducible:
1. [pankaj@dhcp Desktop]tomcat-digest  (Use simple cmd with no parameter)

Actual results:
~~~
Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/tomcat/util/ExceptionUtils
        at org.apache.catalina.startup.Tool.main(Tool.java:230)
Caused by: java.lang.ClassNotFoundException: org.apache.tomcat.util.ExceptionUtils
        at java.net.URLClassLoader$1.run(URLClassLoader.java:366)
        at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
        ... 1 more
~~~

Expected results:
~~~
[pankaj@dhcp Desktop]$ tomcat-digest -a SHA-256 Foo
Foo:1cbec737f863e4922cee63cc2ebbfaafcd1cff8b790d8cfd2e6a5d550b648afa
~~~

Additional info:

- It can be seen that the cause of error is due to the class "org.apache.tomcat.util.ExceptionUtils" is not available for the class loader during this early stage.The class "org.apache.tomcat.util.ExceptionUtils" is located in "/usr/share/tomcat/lib/tomcat-coyote.jar" 

~~~~~~~~~
[pankaj@dhcp233-125 lib]egrep -ir "org.apache.tomcat.util.ExceptionUtils"  /usr/share/tomcat/lib/
O/P : Binary file /usr/share/tomcat/lib/tomcat-coyote.jar matches
~~~~~~~~~

- We also need to add "/usr/share/tomcat/lib/tomcat-util.jar" to classpath or else the cmd will throw the error something like :

~~~
java.lang.NoClassDefFoundError: org/apache/tomcat/util/res/StringManager
	at org.apache.catalina.util.LifecycleBase.<clinit>(LifecycleBase.java:39)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.apache.catalina.startup.Tool.main(Tool.java:228)
Caused by: java.lang.ClassNotFoundException: org.apache.tomcat.util.res.StringManager
~~~

Workaround : 

- The simple workaround is just add the jar's "tomcat-util.jar" and "tomcat-coyote.jar" to his classpath.

eg :  # CLASSPATH=/usr/share/tomcat/lib/tomcat-util.jar:/usr/share/tomcat/lib/tomcat-coyote.jar tomcat-digest -a md5 mycredentials

- The result would be it includes the missing .jar files needed by tomcat-digest.After adding these jar's the script works as expected.

Comment 2 Michal Karm Babacek 2015-07-07 04:55:01 UTC
Dear Filip, could you try to reproduce it with our JWS3 RHEL7 RPM and ZIP distro?

Comment 4 Coty Sutherland 2015-11-10 19:56:56 UTC
The workaround is the fix and matches (mostly) what was done for JWS-232 :)

Patch:
# diff -rupN /usr/bin/tomcat-digest.orig /usr/bin/tomcat-digest
--- /usr/bin/tomcat-digest.orig	2015-11-10 14:53:54.682000000 -0500
+++ /usr/bin/tomcat-digest	2015-11-10 14:52:53.539000000 -0500
@@ -34,7 +34,7 @@ export CLASSPATH
 MAIN_CLASS="org.apache.catalina.startup.Tool"
 BASE_FLAGS="-Dcatalina.home=\"$CATALINA_HOME\""
 BASE_OPTIONS=""
-BASE_JARS="commons-daemon tomcat/catalina servlet"
+BASE_JARS="commons-daemon tomcat/catalina servlet tomcat/tomcat-util tomcat/tomcat-coyote"
 
 # Set parameters
 set_classpath $BASE_JARS

Test:
# tomcat-digest -a md5 test
test:098f6bcd4621d373cade4e832627b4f6

Comment 10 errata-xmlrpc 2016-11-03 21:09:08 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-2599.html


Note You need to log in before you can comment on or make changes to this bug.