The type java.io.ObjectInputStream cannot be resolved. It is indirectly referenced from required .class files

Something happened in Java 8 Update 91 that broke existing JSP code. That seems pretty clear. Here is a sample of similar questions and bug reports:

• Unable to compile JSP file with JDK1.8.0_92
• Spring MVC - Unable to compile class for JSP
• Unable to access CloudPlatform Client
• https://bugs.openjdk.java.net/browse/JDK-8155588 (closed as "not an issue")
• https://bugs.openjdk.java.net/browse/JDK-8155223 (closed as "not an issue")
• https://access.redhat.com/solutions/2294701
• https://alluxio.atlassian.net/browse/ALLUXIO-1956
• https://jira.atlassian.com/browse/CWD-4729
• https://community.exoplatform.com/portal/intranet/forum/topic/topic991e097d9e45345236bb2bd1920a4c68
• https://issues.apache.org/jira/browse/OOZIE-2533 (from a comment: "This is really looking like a JDK bug")
• https://bugzilla.redhat.com/show_bug.cgi?id=1337940 (comment 2 mentions the change to java.io.ObjectInputStream in Update 91 that "made it incompatible with RHEL6's current ECJ version")
• https://github.com/mit-cml/appinventor-sources/issues/814
• https://community.oracle.com/thread/3953395

All these are about problems with Java 8 Update 91 (or later) that are not present when using earlier JRE/JDK versions.

The following OpenJDK changeset from 22 January 2016 appears to be related: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/32f64c19b5fb (commit message "8144430: Improve JMX connections"). The changeset seems to be related to this vulnerability, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3427, which is mentioned in a comment to this Red Hat bug report, https://bugzilla.redhat.com/show_bug.cgi?id=1336481.

The Update 91 release notes document mentions JDK-8144430 (non-public ticket): http://www.oracle.com/technetwork/java/javase/8u91-relnotes-2949462.html.

In "Oracle Critical Patch Update Advisory - April 2016", the CVE-2016-3427 vulnerability is mentioned: http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html.

You simply need to upgrade your Tomcat version, to Tomcat 8.0.xx. Java8 <-> Tomcat8

This is the configuration that I have been using and it has always worked out well

same problem with me. This is not a solution but a workaround, which worked for me: Buildpath->Configure buildpath->Libraries-> Here remove the JRE system library pointing to JRE8 and add JRE system library for JRE7.

Using the latest 7.x Tomcat (currently 7.0.69) solved the problem for me.

We did also try a workaround in a old eclipse bug, maybe that did it's part to solve the problem, too?

https://bugs.eclipse.org/bugs/show_bug.cgi?id=67414

Workaround:

• Window->Preferences->Java->Installed JREs
• Uncheck selected JRE
• Click OK (this step may be optional?)
• Check JRE again

Workaround:

Window -> Preferences -> Java -> Installed JREs, select a different JRE

maybe this JDK edition is not suitable:

So try this one instead:

Problem solved!

Upgrading to tomcat 7.0.70 resolved the issue for me

Okay, this question was a year ago but I recently got this problem as well.

So what I did :

1. Update tomcat 7 to tomcat 8.
2. Update to the latest java (java 1.8.0_141).
3. Update the JRE System Library in Project > Properties > Java Build Path. Make sure it has the latest version which in my case is jre1.8.0_141 (before it was the previous version jre1.8.0_111)

When I did the first two steps it still doesn't remove the error so the last step is important. It didn't automatically change the build path for jre.

I am using Google appengine java sdk and was facing similar issue. I had to add

<runtime>java8</runtime>

in appengine-web.xml file to make it work.

Reason : Old versions of Tomcat 6 JSP compiler don't seem to be aware of JDK 8 constant pool enhancements - eg. method handles. New code in JDK 8u is using a method handle instead of creating an anonymous class. This will cause the method handle to be listed in the constant pool and the eclipse compiler will choke on this - https://bz.apache.org/bugzilla/show_bug.cgi?id=56613

I was also facing same issue. I had Jdk1.7.0.79. Then I updated it with Jdk8.0.120. Then the problem solved. After successful completion of upgraded jdk. Go to project->clean. It will rebuild the project and all red alert will be eliminated.