Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tomcat 10.1.36 causes application startup failures due to DirResourceSet.initInternal() changes #44342

Closed
philwebb opened this issue Feb 18, 2025 · 6 comments
Closed

Tomcat 10.1.36 causes application startup failures due to DirResourceSet.initInternal() changes #44342

philwebb opened this issue Feb 18, 2025 · 6 comments
Labels
status: superseded An issue that has been superseded by another

Comments

@philwebb
Copy link
Member

Running SampleTomcatApplication fails for me with the following exception:

java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException: A child container failed during start
	at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122) ~[na:na]
	at java.base/java.util.concurrent.FutureTask.get(FutureTask.java:191) ~[na:na]
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:756) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:203) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardService.startInternal(StandardService.java:415) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:870) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.startup.Tomcat.start(Tomcat.java:437) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.initialize(TomcatWebServer.java:128) ~[main/:na]
	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.<init>(TomcatWebServer.java:107) ~[main/:na]
	at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getTomcatWebServer(TomcatServletWebServerFactory.java:516) ~[main/:na]
	at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getWebServer(TomcatServletWebServerFactory.java:222) ~[main/:na]
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.createWebServer(ServletWebServerApplicationContext.java:193) ~[main/:na]
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:167) ~[main/:na]
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:621) ~[spring-context-6.2.3.jar:6.2.3]
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146) ~[main/:na]
	at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:752) ~[main/:na]
	at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:439) ~[main/:na]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:318) ~[main/:na]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1361) ~[main/:na]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1350) ~[main/:na]
	at smoketest.tomcat.SampleTomcatApplication.main(SampleTomcatApplication.java:51) ~[main/:na]
Caused by: org.apache.catalina.LifecycleException: A child container failed during start
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:768) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:772) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1203) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1193) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
	at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:145) ~[na:na]
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:749) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	... 21 common frames omitted
Caused by: java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException: Failed to initialize component [org.apache.catalina.webresources.DirResourceSet@5d58c727]
	at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122) ~[na:na]
	at java.base/java.util.concurrent.FutureTask.get(FutureTask.java:191) ~[na:na]
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:756) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	... 29 common frames omitted
Caused by: org.apache.catalina.LifecycleException: Failed to initialize component [org.apache.catalina.webresources.DirResourceSet@5d58c727]
	at org.apache.catalina.util.LifecycleBase.handleSubClassException(LifecycleBase.java:406) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:125) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:155) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.webresources.StandardRoot.startInternal(StandardRoot.java:726) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardContext.resourcesStart(StandardContext.java:4162) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:4284) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1203) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1193) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
	at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:145) ~[na:na]
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:749) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	... 29 common frames omitted
Caused by: java.lang.IllegalStateException: Unable to disable the global canonical file name cache or confirm that it is disabled when starting the WebResourceSet at [/var/folders/q9/d8h90v6965b8z19fm4_5pnw80000gn/T/tomcat-docbase.8080.15696593139772065661] which is part of the web application []. The WebResourceSet may be exposed to CVE-2024-56337.
	at org.apache.catalina.webresources.DirResourceSet.initInternal(DirResourceSet.java:364) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:122) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	... 41 common frames omitted

2025-02-18T12:03:09.582-08:00  INFO 45424 --- [           main] o.apache.catalina.core.StandardService   : Stopping service [Tomcat]
2025-02-18T12:03:09.584-08:00  WARN 45424 --- [           main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.context.ApplicationContextException: Unable to start web server
2025-02-18T12:03:09.589-08:00  INFO 45424 --- [           main] .s.b.a.l.ConditionEvaluationReportLogger : 

Error starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled.
2025-02-18T12:03:09.601-08:00 ERROR 45424 --- [           main] o.s.boot.SpringApplication               : Application run failed

org.springframework.context.ApplicationContextException: Unable to start web server
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:170) ~[main/:na]
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:621) ~[spring-context-6.2.3.jar:6.2.3]
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146) ~[main/:na]
	at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:752) ~[main/:na]
	at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:439) ~[main/:na]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:318) ~[main/:na]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1361) ~[main/:na]
	at org.springframework.boot.SpringApplication.run(SpringApplication.java:1350) ~[main/:na]
	at smoketest.tomcat.SampleTomcatApplication.main(SampleTomcatApplication.java:51) ~[main/:na]
Caused by: org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat
	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.initialize(TomcatWebServer.java:147) ~[main/:na]
	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.<init>(TomcatWebServer.java:107) ~[main/:na]
	at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getTomcatWebServer(TomcatServletWebServerFactory.java:516) ~[main/:na]
	at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getWebServer(TomcatServletWebServerFactory.java:222) ~[main/:na]
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.createWebServer(ServletWebServerApplicationContext.java:193) ~[main/:na]
	at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:167) ~[main/:na]
	... 8 common frames omitted
Caused by: org.apache.catalina.LifecycleException: A child container failed during start
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:768) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:203) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardService.startInternal(StandardService.java:415) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:870) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.startup.Tomcat.start(Tomcat.java:437) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.initialize(TomcatWebServer.java:128) ~[main/:na]
	... 13 common frames omitted
Caused by: java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException: A child container failed during start
	at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122) ~[na:na]
	at java.base/java.util.concurrent.FutureTask.get(FutureTask.java:191) ~[na:na]
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:756) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	... 21 common frames omitted
Caused by: org.apache.catalina.LifecycleException: A child container failed during start
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:768) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:772) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1203) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1193) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
	at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:145) ~[na:na]
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:749) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	... 21 common frames omitted
Caused by: java.util.concurrent.ExecutionException: org.apache.catalina.LifecycleException: Failed to initialize component [org.apache.catalina.webresources.DirResourceSet@5d58c727]
	at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122) ~[na:na]
	at java.base/java.util.concurrent.FutureTask.get(FutureTask.java:191) ~[na:na]
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:756) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	... 29 common frames omitted
Caused by: org.apache.catalina.LifecycleException: Failed to initialize component [org.apache.catalina.webresources.DirResourceSet@5d58c727]
	at org.apache.catalina.util.LifecycleBase.handleSubClassException(LifecycleBase.java:406) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:125) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:155) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.webresources.StandardRoot.startInternal(StandardRoot.java:726) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardContext.resourcesStart(StandardContext.java:4162) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:4284) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:164) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1203) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1193) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
	at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at java.base/java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:145) ~[na:na]
	at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:749) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	... 29 common frames omitted
Caused by: java.lang.IllegalStateException: Unable to disable the global canonical file name cache or confirm that it is disabled when starting the WebResourceSet at [/var/folders/q9/d8h90v6965b8z19fm4_5pnw80000gn/T/tomcat-docbase.8080.15696593139772065661] which is part of the web application []. The WebResourceSet may be exposed to CVE-2024-56337.
	at org.apache.catalina.webresources.DirResourceSet.initInternal(DirResourceSet.java:364) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:122) ~[tomcat-embed-core-10.1.36.jar:10.1.36]
	... 41 common frames omitted

I also see similar failures from :spring-boot-project:spring-boot-docs:runLoggingFormatExample.
@philwebb
Copy link
Member Author

It looks like there are a few things happening. Firstly, the DirResourceSet.isCaseSensitive() method always returns false, even on a Mac. This appears to be because calling upper.getCanonicalPath() returns the lowercase name so true is never returned.

The second problem is that JreCompat uses reflection to check FileSystem.useCanonCaches. On Java 17 a InaccessibleObjectException is thrown so this method isn't available.

@philwebb philwebb mentioned this issue Feb 18, 2025
Closed
@ftreede
Copy link

ftreede commented Feb 20, 2025

I also ran into this issue. Seems like tomcat can set the readonly flag on multiple levels; for the DefaultServlet it defaults to true but for DirResourceSet it defaults to false, and DirResourceSet is the class where the check is performed.

It's possible to work around this by setting the resource root to readonly too:

@Bean
TomcatContextCustomizer readOnlyTomcatContextCustomizer() {
    return context -> {
        if (context.getResources() == null) {
            context.setResources(new StandardRoot());
        }
        context.getResources().setReadOnly(true);
    };
}

However there are still issues, since a similar attempt will also be caused by org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.StaticResourceConfigurer. In that case it happens if the classpath contains folders with meta-inf/resources. It doesn't crash the server as the exception ends up getting eaten by a broad empty catch block though:

spring-boot/spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/tomcat/TomcatServletWebServerFactory.java

Lines 861 to 863 in 7db43b5

catch (Exception ex) {
// Ignore (probably not a directory)
}

@wilkinsona
Copy link
Member

Superseded by #44331.

@wilkinsona wilkinsona closed this as not planned Won't fix, can't repro, duplicate, stale Feb 20, 2025
@wilkinsona wilkinsona added the status: superseded An issue that has been superseded by another label Feb 20, 2025
@mycad
Copy link

mycad commented Feb 23, 2025
edited
Loading

and have CVE-2024-56337 error message:

Caused by: java.lang.IllegalStateException: Unable to disable the global canonical file name cache or confirm that it is disabled when starting the WebResourceSet at [C:\Users\ADMINI~1\AppData\Local\Temp\tomcat-docbase.8080.6017016405716347101] which is part of the web application []. The WebResourceSet may be exposed to CVE-2024-56337.

@mycad
Copy link

mycad commented Feb 23, 2025 

@Override
    protected void initInternal() throws LifecycleException {
        super.initInternal();
        caseSensitive = isCaseSensitive();
        // Is this an exploded web application?
        if (getWebAppMount().equals("")) {
            // Look for a manifest
            File mf = file("META-INF/MANIFEST.MF", true);
            if (mf != null && mf.isFile()) {
                try (FileInputStream fis = new FileInputStream(mf)) {
                    setManifest(new Manifest(fis));
                } catch (IOException e) {
                    log.warn(sm.getString("dirResourceSet.manifestFail", mf.getAbsolutePath()), e);
                }
            }
        }
        // Check for exposure to CVE-2024-56337
        if (caseSensitive) {
            // CVE-2024-56337 (nor CVE-2024-50379) is not exploitable on a case sensitive file system
            return;
        }
        if (isReadOnly()) {
            // CVE-2024-56337 (nor CVE-2024-50379) is not exploitable on a read-only ResourceSet
            return;
        }
        if (JreCompat.getInstance().isCanonCachesDisabled()) {
            // CVE-2024-56337 (nor CVE-2024-50379) is not exploitable if the canonical file name cache is disabled
            return;
        }
        // This ResourceSet may be exposed to CVE-2024-56337.
        if (JreCompat.getInstance().disableCanonCaches()) {
            /*
             * The canonical file name cache was enabled and is now disabled.
             */
            log.warn(sm.getString("dirResourceSet.canonCaches.disabled", getFileBase(),
                    getRoot().getContext().getName()));
        } else {
            /*
             * The canonical file name cache could not be disabled (or Tomcat cannot confirm it has been disabled). This
             * ResourceSet may be exposed to CVE-2024-56337.
             */
            throw new IllegalStateException(sm.getString("dirResourceSet.canonCaches.enabled", getFileBase(),
                    getRoot().getContext().getName()));
        }
    }

and DirResourceSet missing setReadonly method provied by AbstractFileResourceSet, readonly default value is false

    public DirResourceSet(WebResourceRoot root, String webAppMount, String base, String internalPath) {
        super(internalPath);
        setRoot(root);
        setWebAppMount(webAppMount);
        setBase(base);

        if (root.getContext().getAddWebinfClassesResources()) {
            File f = new File(base, internalPath);
            f = new File(f, "/WEB-INF/classes/META-INF/resources");

            if (f.isDirectory()) {
                root.createWebResourceSet(ResourceSetType.RESOURCE_JAR, "/", f.getAbsolutePath(), null, "/");
            }
        }

        if (getRoot().getState().isAvailable()) {
            try {
                start();
            } catch (LifecycleException e) {
                throw new IllegalStateException(e);
            }
        }
    }

public abstract class AbstractFileResourceSet extends AbstractResourceSet {

    private static final Log log = LogFactory.getLog(AbstractFileResourceSet.class);

    protected static final String[] EMPTY_STRING_ARRAY = new String[0];

    private File fileBase;
    private String absoluteBase;
    private String canonicalBase;
    private boolean readOnly = false;

    protected AbstractFileResourceSet(String internalPath) {
        setInternalPath(internalPath);
    }

    protected final File getFileBase() {
        return fileBase;
    }

@wilkinsona
Copy link
Member

@mycad if you want to use Tomcat 10.1.36, you need to use Spring Boot 3.3.9 or 3.4.3 that were released last week. If you're seeing problems with those versions, please open a new issue with a minimal sample that reproduces the problem.

Kehrlann added a commit to Kehrlann/uaa that referenced this issue Feb 26, 2025
@Kehrlann
Fix cargo local with Tomcat 9.0.100
ae37cc1 
- Fixes a dev regression introduced in 4d292c2
- This is similar to a Boot issue here: spring-projects/spring-boot#44342 ;
  since this is Tomcat-version related issue, and only happens in cargo, we're using the simplest fix.
  We chose not to invest in this, because when the Boot migration is complete we will be getting rid
  of Cargo entirely.
@Kehrlann Kehrlann mentioned this issue Feb 26, 2025
Merged
duanemay pushed a commit to cloudfoundry/uaa that referenced this issue Feb 26, 2025
@Kehrlann @duanemay
Fix cargo local with Tomcat 9.0.100
11955af 
- Fixes a dev regression introduced in 4d292c2
- This is similar to a Boot issue here: spring-projects/spring-boot#44342 ;
  since this is Tomcat-version related issue, and only happens in cargo, we're using the simplest fix.
  We chose not to invest in this, because when the Boot migration is complete we will be getting rid
  of Cargo entirely.
duanemay added a commit to cloudfoundry/uaa that referenced this issue Feb 26, 2025
@duanemay
Fix cargo local with Tomcat 9.0.100
c0e1b31 
- Fixes a dev regression introduced in 4d292c2
- This is similar to a Boot issue here: spring-projects/spring-boot#44342 ;
  since this is Tomcat-version related issue, and only happens in cargo, we're using the simplest fix.
  We chose not to invest in this, because when the Boot migration is complete we will be getting rid
  of Cargo entirely.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: superseded An issue that has been superseded by another
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@philwebb @wilkinsona @mycad @ftreede