Whenever I try to run the index.jsp example provided by Tomcat on /jsp/security/protected, I get the following error:
type Exception report
message Unable to compile class for JSP:
description The server encountered an internal error that prevented it from fulfilling this request.
exception
org.apache.jasper.JasperException: Unable to compile class for JSP:
An error occurred at line: 31 in the jsp file: /index.jsp
util.HTMLFilter cannot be resolved to a type
28: <body bgcolor="white">
29:
30: You are logged in as remote user
31: <b><%= util.HTMLFilter.filter(request.getRemoteUser()) %></b>
32: in session <b><%= session.getId() %></b><br><br>
33:
34: <%
An error occurred at line: 38 in the jsp file: /index.jsp
util.HTMLFilter cannot be resolved to a type
35: if (request.getUserPrincipal() != null) {
36: %>
37: Your user principal name is
38: <b><%= util.HTMLFilter.filter(request.getUserPrincipal().getName()) %></b>
39: <br><br>
40: <%
41: } else {
An error occurred at line: 56 in the jsp file: /index.jsp
util.HTMLFilter cannot be resolved to a type
53: if (request.isUserInRole(role)) {
54: %>
55: You have been granted role
56: <b><%= util.HTMLFilter.filter(role) %></b><br><br>
57: <%
58: } else {
59: %>
An error occurred at line: 61 in the jsp file: /index.jsp
util.HTMLFilter cannot be resolved to a type
58: } else {
59: %>
60: You have <i>not</i> been granted role
61: <b><%= util.HTMLFilter.filter(role) %></b><br><br>
62: <%
63: }
64: }
An error occurred at line: 70 in the jsp file: /index.jsp
util.HTMLFilter cannot be resolved to a type
67: To check whether your username has been granted a particular role,
68: enter it here:
69: <form method="GET" action='<%= response.encodeURL("index.jsp") %>'>
70: <input type="text" name="role" value="<%= util.HTMLFilter.filter(role) %>">
71: </form>
72: <br><br>
73:
Stacktrace:
org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:103)
org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:366)
org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:476)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:378)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:353)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:340)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:657)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:357)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
The code of the file is
<%
if (request.getParameter("logoff") != null) {
session.invalidate();
response.sendRedirect("index.jsp");
return;
}
%>
<html>
<head>
<title>Protected Page for Examples</title>
</head>
<body bgcolor="white">
You are logged in as remote user
<b><%= util.HTMLFilter.filter(request.getRemoteUser()) %></b>
in session <b><%= session.getId() %></b><br><br>
<%
if (request.getUserPrincipal() != null) {
%>
Your user principal name is
<b><%= util.HTMLFilter.filter(request.getUserPrincipal().getName()) %></b>
<br><br>
<%
} else {
%>
No user principal could be identified.<br><br>
<%
}
%>
<%
String role = request.getParameter("role");
if (role == null)
role = "";
if (role.length() > 0) {
if (request.isUserInRole(role)) {
%>
You have been granted role
<b><%= util.HTMLFilter.filter(role) %></b><br><br>
<%
} else {
%>
You have <i>not</i> been granted role
<b><%= util.HTMLFilter.filter(role) %></b><br><br>
<%
}
}
%>
To check whether your username has been granted a particular role,
enter it here:
<form method="GET" action='<%= response.encodeURL("index.jsp") %>'>
<input type="text" name="role" value="<%= util.HTMLFilter.filter(role) %>">
</form>
<br><br>
If you have configured this app for form-based authentication, you can log
off by clicking
<a href='<%= response.encodeURL("index.jsp?logoff=true") %>'>here</a>.
This should cause you to be returned to the logon page after the redirect
that is performed.
</body>
</html>
As I assume it's a well tested example. I guess, I'm missing something, a library, or something. What could be the problem?
The JAAS implementation is OK, because I can login, if I point directly at the login.jsp.
Based on the log, the JSP engine was not able to find the class util.HTMLFilter.
If it's a 3rd party then the jar file should be there in WEB-INF/lib, if it's the class that you write then the compiled *.class file should be there in WEB-INF/classes and the package name should be correct.