Obviously updating to the most recent supported version of Tomcat would be a good idea, if you need to run Jenkins on Tomcat at all (most people use the built-in Jetty server), but that does not change the fact that there appears to be a regression in Jenkins core related to certain Tomcat versions and we would like to correct that regression. Once we either know how to reproduce from scratch, or have access to sufficient field diagnostics, the fix is likely simple.
I did not see anything from turning on logging for ClassFilterImpl and triggering the exception.
Then you did not properly configure logging. There should be a logger for jenkins.security.ClassFilterImpl registering messages at FINE or above. At some point, probably early in startup (most likely long before you try to reconfigure a user and see the error), there should be a message from the isLocationWhitelisted method about ssh-cli-auth-1.4.jar. When Jenkins is operating normally, this should be saying
… seems to be a Jenkins plugin, OK
followed by a message from isBlacklisted saying
… permitting … due to its location in …
In your case, I suspect there is some other message being logged from isLocationWhitelisted, most likely
… is not recognized; rejecting
where the message is showing a URL which is not in the expected format file://some/path/to/ssh-cli-auth-1.4.jar. At least, that was the root cause of JENKINS-49147, so I am guessing this one is similar.
BTW it is advisable to install the support-core plugin as that will ensure that all output from custom loggers is captured to log files on disk and included in a ZIP file you can share (in part or in whole). Jenkins core only saves (by default) the last 256 messages from any given logger, so you might miss the critical messages from ClassFilterImpl in scrollback.
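Added example, not part of the original comment and not Jenkins code: a small triage script that scans exported log lines for the three ClassFilterImpl message fragments quoted above and reports what was decided for a given JAR. The sample lines, paths, the class name and the `example-scheme:` URL are constructed, and the script assumes one message per line with the location as a whitespace-free token.

```python
import re

# Message fragments quoted in the comment above. The text around them is elided
# there, so the rest of each line is treated as opaque (assumption: one message
# per line, with the location as a whitespace-free token).
PATTERNS = [
    ("rejected", re.compile(r"(\S+) is not recognized; rejecting")),
    ("plugin_ok", re.compile(r"(\S+) seems to be a Jenkins plugin, OK")),
    ("permitted", re.compile(r"permitting \S+ due to its location in (\S+)")),
]

def triage(lines, jar_name):
    """Return (line_no, verdict, location) for each matching line naming jar_name."""
    findings = []
    for no, line in enumerate(lines, 1):
        if jar_name not in line:
            continue
        for verdict, pattern in PATTERNS:
            match = pattern.search(line)
            if match:
                findings.append((no, verdict, match.group(1)))
                break
    return findings

def summarize(findings):
    """Collapse findings into one status string for the jar."""
    if not findings:
        # Logger not at FINE, or the messages already left the in-memory buffer.
        return "no-messages"
    if any(verdict == "rejected" for _, verdict, _ in findings):
        return "rejected"
    return "accepted"

JAR = "ssh-cli-auth-1.4.jar"
# Constructed sample lines, not real Jenkins output; paths and class are made up.
GOOD = [
    "FINE isLocationWhitelisted file:/constructed/plugins/ssh-cli-auth-1.4.jar seems to be a Jenkins plugin, OK",
    "FINE isBlacklisted permitting example.SomeClass due to its location in file:/constructed/plugins/ssh-cli-auth-1.4.jar",
    "INFO unrelated line",
]
BAD = ["FINE isLocationWhitelisted example-scheme:/constructed/ssh-cli-auth-1.4.jar is not recognized; rejecting"]

if __name__ == "__main__":
    for name, sample in (("good", GOOD), ("bad", BAD), ("empty", [])):
        found = triage(sample, JAR)
        print(name, summarize(found), [loc for _, _, loc in found])
```

A `no-messages` result means the log contains nothing about the JAR at all, which points at the logger configuration or the 256-message buffer rather than at the class filter.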