Jira is not starting after Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: PanwHooks

Related content

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

The Jira server fails to start after Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: PanwHooks.

Environment

8.x

Diagnosis

Jira will not start with the following stack trace in the catalina.out log file:

2022-05-05 14:23:52,528+0300 JIRA-Bootstrap INFO      [c.a.jira.startup.JiraStartupLogger] 
    
    ___ Starting the JIRA Plugin System _________________
    
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.apache.felix.framework.ext.ClassPathExtenderFactory$DefaultClassLoaderExtender (file:/<installation-directory>/atlassian/jira/atlassian-jira/WEB-INF/lib/org.apache.felix.framework-5.6.12.jar) to method java.net.URLClassLoader.addURL(java.net.URL)
WARNING: Please consider reporting this to the maintainers of org.apache.felix.framework.ext.ClassPathExtenderFactory$DefaultClassLoaderExtender
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
ERROR: Bundle org.eclipse.gemini.blueprint.extender [4] Error starting file:/<installation-directory>/atlassian/jira/atlassian-jira/WEB-INF/osgi-framework-bundles/gemini-blueprint-extender-3.0.0.M01.jar (org.osgi.framework.BundleException: Activator start error in bundle org.eclipse.gemini.blueprint.extender [4].)
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.beans.factory.config.PropertyPlaceholderConfigurer#0' defined in OSGi resource[bundle://2.0:0/META-INF/spring/extender/extender-configuration.xml|bnd.id=4|bnd.sym=org.eclipse.gemini.blueprint.extender]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: PanwHooks
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:628)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:213)
	at org.eclipse.gemini.blueprint.context.support.AbstractDelegatedExecutionApplicationContext.invokeBeanFactoryPostProcessors(AbstractDelegatedExecutionApplicationContext.java:478)
	at org.eclipse.gemini.blueprint.context.support.AbstractDelegatedExecutionApplicationContext.invokeBeanFactoryPostProcessors(AbstractDelegatedExecutionApplicationContext.java:359)
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:564)
	at org.eclipse.gemini.blueprint.context.support.AbstractDelegatedExecutionApplicationContext.access$301(AbstractDelegatedExecutionApplicationContext.java:57)
	at org.eclipse.gemini.blueprint.context.support.AbstractDelegatedExecutionApplicationContext$1.run(AbstractDelegatedExecutionApplicationContext.java:165)
	at org.eclipse.gemini.blueprint.util.internal.PrivilegedUtils.executeWithCustomTCCL(PrivilegedUtils.java:85)
	at org.eclipse.gemini.blueprint.context.support.AbstractDelegatedExecutionApplicationContext.normalRefresh(AbstractDelegatedExecutionApplicationContext.java:161)
	at org.eclipse.gemini.blueprint.context.support.AbstractDelegatedExecutionApplicationContext$NoDependenciesWaitRefreshExecutor.refresh(AbstractDelegatedExecutionApplicationContext.java:75)
	at org.eclipse.gemini.blueprint.context.support.AbstractDelegatedExecutionApplicationContext.refresh(AbstractDelegatedExecutionApplicationContext.java:154)
	at org.eclipse.gemini.blueprint.extender.internal.support.ExtenderConfiguration.start(ExtenderConfiguration.java:164)
	at org.eclipse.gemini.blueprint.extender.internal.boot.ChainActivator.start(ChainActivator.java:93)
	at org.apache.felix.framework.util.SecureAction.startActivator(SecureAction.java:697)
	at org.apache.felix.framework.Felix.activateBundle(Felix.java:2240)
	at org.apache.felix.framework.Felix.startBundle(Felix.java:2146)
	at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1373)
	at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308)
	at java.base/java.lang.Thread.run(Unknown Source)
Caused by: java.lang.NoClassDefFoundError: PanwHooks
	at org.springframework.beans.AbstractPropertyAccessor.setPropertyValues(AbstractPropertyAccessor.java)
	at org.springframework.beans.AbstractPropertyAccessor.setPropertyValues(AbstractPropertyAccessor.java:79)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1740)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1452)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:619)
	... 22 more
Caused by: java.lang.ClassNotFoundException: PanwHooks not found by org.apache.servicemix.bundles.spring-beans [8]
	at org.apache.felix.framework.BundleWiringImpl.findClassOrResourceByDelegation(BundleWiringImpl.java:1639)
	at org.apache.felix.framework.BundleWiringImpl.access$200(BundleWiringImpl.java:80)
	at org.apache.felix.framework.BundleWiringImpl$BundleClassLoader.loadClass(BundleWiringImpl.java:2053)
	at java.base/java.lang.ClassLoader.loadClass(Unknown Source)
	... 27 more

Cause

This has been known to be caused by a security software Palo Alto Cortex XDR agent (a.k.a traps) injecting itself into Jira's JVM in attempt to prevent deserialisation exploits such as that found most recently in Log4j libraries.

Further Reading: 

Solution

Our Security team investigated the impact of the Log4j remote code execution vulnerability (CVE-2021-44228) and has determined that no Atlassian on-premises products are vulnerable to CVE-2021-44228. Please check the FAQ for CVE-2021-44228 for more detail.

After consulting with your internal security team, whitelist the Jira java process in Cortex XDR and restart Jira.

You can create a Global Exception to whitelist a specific Java executable (jar, class) that you know to be benign directly from the Cortex XDR alert. The new Java Deserialisation Exploit protection module is automatically activated when you enable Known Vulnerable Processes Protection in the Linux Exploit Security profile.

Source: https://live.paloaltonetworks.com/t5/blogs/cortex-xdr-features-introduced-in-december-2019/ba-p/302231

(info) Similar behaviour can be caused by other security malware scanner in the server so you will need to check on those even if you do not have Cortex XDR installed



Last modified on Aug 23, 2022

Was this helpful?

Yes
No
Provide feedback about this article

Related content

Powered by Confluence and Scroll Viewport.