java - struts2 2.3.20 ognl allowStaticMethodAccess -

-

i updated project struts2 version 2.3.20 . cases in jsps uses static method access not work.

ie.

<s:set var="linkescaped"  value="@org.apache.commons.lang.stringescapeutils@escapehtml(#attr.myobject.link)" />

i have set in struts.properties -> 

struts.ognl.allowstaticmethodaccess=true

and tried in struts.xml -> 

<constant name="struts.ognl.allowstaticmethodaccess" value="true"/>

with no success. know has changed , need enable them again?

update

lukasz lenart commented:

to clear, in context of 2.3.20 it's bug , temporally fixed, see issues.apache.org/jira/browse/ww-4429 2.5 access static methods dropped.

---

allowing static method access never preferred way of doing things , in 2.3.20 won't work if struts.ognl.allowstaticmethodaccess set true.

from wiki:

accessing static methods

in case still use static methods in expressions (setting struts.ognl.allowstaticmethodaccess true) please aware won't work anymore internal security mechanism consider access java.lang.class on excluded list of classes (see above). temporary solution copy above struts.xml , remove java.lang.class excluded classes.

support accessing static methods expression disabled soon, please consider re-factoring application avoid further problems! please check ww-4348.

also ww-4429.


Comments

Post a Comment

Popular posts from this blog

java - Unable to make sub reports with Jasper -

-
i using jaspersoft studio create reports. having sub report in jasper main report. problem unable make work, because if add sub report detail band of main report, sub report generated number of times, row row, entire sub report repeated in number of pages. can't put in summery band due same reason. i unable put in column footer band or other footers because displays below error net.sf.jasperreports.engine.jrexception: net.sf.jasperreports.engine.jrruntimeexception: subreport overflowed on band not support overflow. @ com.jaspersoft.studio.editor.preview.view.control.reportcontroler.fillreport(reportcontroler.java:467) @ com.jaspersoft.studio.editor.preview.view.control.reportcontroler.access$18(reportcontroler.java:442) @ com.jaspersoft.studio.editor.preview.view.control.reportcontroler$4.run(reportcontroler.java:334) @ org.eclipse.core.internal.jobs.worker.run(worker.java:54) caused by: net.sf.jasperreports.engine.jrruntimeexception: subreport overflowe...
Read more

sql - The object name contains more than the maximum number of prefixes. The maximum is 2 -

-
i facing similar issue many others error message "the object name contains more maximum number of prefixes. maximum 2." my scenario is, create procedure dbo.[usp_procedure] begin declare @loadtime datetme2(7) set @loadtime = (select loadtime [linkedservername].[databasename].[schemaname].[tablename] tablename = 'xxxxxx') insert [currentserver].[schemaname].[tablename] select column1, column2, .... tablename join tablename1 on .... ... ... end the table containing loadtime present in linked server/database , important value utilized further in clause of procedure via @loadtime . query select loadtime .... works fine when try on present server individually. when run part of procedure, procedure fails above mentioned error. linked server connection set , working fine. , procedure needs run on present server, removes scope of creating procedure on linked server. hope scenario articulate. replies welcome. in advance. the line : insert [currentser...
Read more

Java Web Service Soap fault exception client -

-
i trying web service client in java using eclipse , error: exception in thread "main" javax.xml.ws.soap.soapfaultexception: message part not recognized. (does exist in service wsdl?) @ org.apache.cxf.jaxws.jaxwsclientproxy.invoke(jaxwsclientproxy.java:158) @ com.sun.proxy.$proxy26.req(unknown source) @ com.caller.main(caller.java:31) caused by: org.apache.cxf.binding.soap.soapfault: message part not recognized. (does exist in service wsdl?) @ org.apache.cxf.binding.soap.interceptor.soap11faultininterceptor.unmarshalfault(soap11faultininterceptor.java:84) @ org.apache.cxf.binding.soap.interceptor.soap11faultininterceptor.handlemessage(soap11faultininterceptor.java:51) @ org.apache.cxf.binding.soap.interceptor.soap11faultininterceptor.handlemessage(soap11faultininterceptor.java:40) @ org.apache.cxf.phase.phaseinterceptorchain.dointercept(phaseinterceptorchain.java:272) @ org.apache.cxf.interceptor.abstractfaultchaininitiatorobserver.onm...
Read more