"java.lang.SecurityException: class x.y.z.SomeClass's signer information does not match signer information of other classes in the same package" error from JBoss EAP 5.x

Solution Verified - Updated 2016-08-22T11:20:05+00:00 -

Issue

When starting up the EAP we see the following exception

        WARN  [ClassLoaderManager] Unexpected error during load of:x.y.z.SomeClassjava.lang.SecurityException: class "x.y.z.SomeClass"'s signer information does not match signer information of other classes in the same package
         at java.lang.ClassLoader.checkCerts(ClassLoader.java:776)
         at java.lang.ClassLoader.preDefineClass(ClassLoader.java:488)
         at java.lang.ClassLoader.defineClass(ClassLoader.java:615)

Example Error

java.lang.SecurityException: class "javax.servlet.FilterRegistration"'s signer information does not match signer information of other classes in the same package
at java.lang.ClassLoader.checkCerts(ClassLoader.java:952)
    at java.lang.ClassLoader.preDefineClass(ClassLoader.java:666)
    at java.lang.ClassLoader.defineClass(ClassLoader.java:794)
    at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
    at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
    at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
    at org.eclipse.jetty.servlet.ServletContextHandler.<init>(ServletContextHandler.java:136)
    at org.eclipse.jetty.servlet.ServletContextHandler.<init>(ServletContextHandler.java:116)
    at org.apache.camel.component.jetty.JettyHttpComponent.createServletForConnector(JettyHttpComponent.java:921)

We observe this error intermittently, the jar file is signed correctly, there is no duplicated .jar / .class file, and it only happens sometimes (randomly) after the restart of EAP.
This error is also observed while running using camel-jetty endpoint as a HTTP Cosumer the java.lang.SecurityException: class "javax.servlet.FilterRegistration"'s signer information does not match signer information of other classes in the same package occurs.
When starting JBoss with the monitoring software Riverbed problems arise with signed jar files. Is it possible to JBoss EAP 5.1.0 version without getting signed jar files or we may delete the certificates manually without our support to lose?

Environment

JBoss Enterprise Application Platform (EAP)
- 5.x
JBoss SOA Platform (SOA-P)
- 5.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

New to Red Hat?

Learn more about Red Hat subscriptions

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories