Confluence is not starting up after java.lang.NoClassDefFoundError: PanwHooks exception
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
The Confluence application fails to start afterjava.lang.NoClassDefFoundError: PanwHooksexception. This exception can be found in theatlassian-confluence.logfile.
Environment
Confluence 7.17.1, 7.13.x
Diagnosis
Confluence will not start with the following stack traces
In the Atlassian-Confluence.log file:
1
2
3
4
5
6
7
8
9
WARN [FelixStartLevel] [blueprint.context.support.OsgiBundleXmlApplicationContext] refresh Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.beans.factory.config.PropertyPlaceholderConfigurer#0' defined in OSGi resource[bundle://2.0:0/META-INF/spring/extender/extender-configuration.xml|bnd.id=1|bnd.sym=org.eclipse.gemini.blueprint.extender]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: PanwHooks
2022-04-22 09:51:20,786 ERROR [FelixDispatchQueue] [osgi.container.felix.FelixOsgiContainerManager] frameworkEvent Framework error in bundle org.eclipse.gemini.blueprint.extender
org.osgi.framework.BundleException: Activator start error in bundle org.eclipse.gemini.blueprint.extender [1].
at org.apache.felix.framework.Felix.activateBundle(Felix.java:2290)
at org.apache.felix.framework.Felix.startBundle(Felix.java:2146)
at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1373)
at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.beans.factory.config.PropertyPlaceholderConfigurer#0' defined in OSGi resource[bundle://2.0:0/META-INF/spring/extender/extender-configuration.xml|bnd.id=1|bnd.sym=org.eclipse.gemini.blueprint.extender]: Initialization of bean failed; nested exception is java.lang.NoClassDefFoundError: PanwHooksIn the Confluene Site GUI, the following stack trace will display:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
caused by: java.lang.IllegalStateException: There should be at least one AvatarProvider module registered in the plugin system.
at com.atlassian.confluence.user.avatar.AvatarProviderAccessor.getAvatarProvider(AvatarProviderAccessor.java:30)
2022-04-20 14:03:20,630 ERROR [http-nio-8090-exec-11] [confluence.util.profiling.ConfluenceSitemeshErrorDecorator] renderInternal Failed to render error decorator. Falling back to using no decorator
-- traceId: 167c9144c8da246d
java.lang.IllegalStateException: There should be at least one AvatarProvider module registered in the plugin system.
at com.atlassian.confluence.user.avatar.AvatarProviderAccessor.getAvatarProvider(AvatarProviderAccessor.java:30)
at com.atlassian.confluence.user.DefaultUserAccessor.getLogoForUser(DefaultUserAccessor.java:716)
at com.atlassian.confluence.user.DefaultUserAccessor.lambda$getUserProfilePicture$3(DefaultUserAccessor.java:771)
at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:140)
at com.atlassian.confluence.user.DefaultUserAccessor.getUserProfilePicture(DefaultUserAccessor.java:769)
at jdk.internal.reflect.GeneratedMethodAccessor265.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at com.atlassian.spring.interceptors.SpringProfilingInterceptor.invoke(SpringProfilingInterceptor.java:16)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:295)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
at com.sun.proxy.$Proxy137.getUserProfilePicture(Unknown Source)
at com.atlassian.confluence.setup.sitemesh.SitemeshContextItemProvider.getUserProfilePicture(SitemeshContextItemProvider.java:99)
at com.atlassian.confluence.setup.sitemesh.SitemeshContextItemProvider.getMap(SitemeshContextItemProvider.java:55)
at com.atlassian.confluence.setup.sitemesh.SitemeshContextItemProvider.<init>(SitemeshContextItemProvider.java:44)
at com.atlassian.confluence.setup.sitemesh.SitemeshContextItemProvider.getProvider(SitemeshContextItemProvider.java:39)
at com.atlassian.confluence.util.profiling.ConfluenceSitemeshDecorator.getSitemeshContext(ConfluenceSitemeshDecorator.java:150)
at com.atlassian.confluence.util.profiling.ConfluenceSitemeshDecorator.applyDecoratorUsingVelocity(ConfluenceSitemeshDecorator.java:165)
at com.atlassian.confluence.util.profiling.ConfluenceSitemeshDecorator.applyDecorator(ConfluenceSitemeshDecorator.java:138)
at com.atlassian.confluence.util.profiling.ConfluenceSitemeshErrorDecorator.renderInternal(Cause
This is caused by a security malware scanner blocking the Confluence process from starting as they found Log4j libraries as vulnerable.
Solution
Our Security team investigated the impact of the Log4j remote code execution vulnerability (CVE-2021-44228) and has determined that no Atlassian on-premises products are vulnerable to CVE-2021-44228. Please check the FAQ for CVE-2021-44228 for more detail.
After consulting with your internal security team, and the ensure Confluence application is on the allow list of the security scanner.
Restart Confluence
Was this helpful?