from:"Philippe Eymann \(Commented\) \(JIRA\)"

[jira] [Commented] (OGNL-47) Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security manager

2012-01-31 Thread Philippe Eymann (Commented) (JIRA)


[ 
https://issues.apache.org/jira/browse/OGNL-47?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13196803#comment-13196803
 ] 

Philippe Eymann commented on OGNL-47:
-

I think the problem comes from the getPermission(Method method) method in the 
OGNLRuntime class.
See comments in the code extract below :

{code:title=getPermission() method|borderStyle=solid}
public static Permission getPermission(Method method)
{
// #1 : result setup as null
Permission result = null;
Class mc = method.getDeclaringClass();

Map permissions = (Map) _invokePermissionCache.get(mc);
// #2 If permissions object is not null, then result is always null, 
see #3 below
if (permissions == null) { // start-if permissions == null
synchronized (_invokePermissionCache) {
permissions = (Map) _invokePermissionCache.get(mc);

if (permissions == null) {
_invokePermissionCache.put(mc, permissions = new 
HashMap(101));
}
// #3 This bloc is never called if permissions is not null
if ((result = (Permission) permissions.get(method.getName())) 
== null) {
result = new OgnlInvokePermission(invoke. + mc.getName() 
+ . + method.getName());
permissions.put(method.getName(), result);
}
}   
} // end-if permissions = null
return result;
}
{code}
One way to solve this would be to code the following :
{code}
public static Permission getPermission(Method method)
{
Permission result = null;
Class mc = method.getDeclaringClass();

Map permissions = (Map) _invokePermissionCache.get(mc);
if (permissions == null) {
synchronized (_invokePermissionCache) {
permissions = (Map) _invokePermissionCache.get(mc);

if (permissions == null) {
_invokePermissionCache.put(mc, permissions = new 
HashMap(101));
}
}
}
synchronized (permissions) {
if ((result = (Permission) permissions.get(method.getName())) == 
null) {
result = new OgnlInvokePermission(invoke. + mc.getName() + 
. + method.getName());
permissions.put(method.getName(), result);
}
} 
return result;
}
{code}

Hope it helps.

Philippe

 Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security 
 manager 
 --

 Key: OGNL-47
 URL: https://issues.apache.org/jira/browse/OGNL-47
 Project: Commons OGNL
  Issue Type: Bug
Reporter: kesava
Priority: Blocker

 Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security 
 manager 
 Steps to reproduce
 1.Enable security manager
 2.Load the app
 {noformat}
 Caught an Ognl exception while getting property serviceProviders - Class: 
 ognl.ObjectPropertyAccessor
 File: ObjectPropertyAccessor.java
 Method: getPossibleProperty
 Line: 69 - ognl/ObjectPropertyAccessor.java:69:-1
   at 
 com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor.getProperty(CompoundRootAccessor.java:142)
   at ognl.OgnlRuntime.getProperty(OgnlRuntime.java:2303)
   at ognl.ASTProperty.getValueBody(ASTProperty.java:114)
   at ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:212)
   at ognl.SimpleNode.getValue(SimpleNode.java:258)
   at ognl.Ognl.getValue(Ognl.java:494)
   at ognl.Ognl.getValue(Ognl.java:458)
   at com.opensymphony.xwork2.ognl.OgnlUtil.getValue(OgnlUtil.java:213)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.getValueUsingOgnl(OgnlValueStack.java:277)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.tryFindValue(OgnlValueStack.java:260)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.tryFindValueWhenExpressionIsNotNull(OgnlValueStack.java:242)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.findValue(OgnlValueStack.java:222)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.findValue(OgnlValueStack.java:284)
   at 
 org.apache.struts2.views.velocity.StrutsVelocityContext.internalGet(StrutsVelocityContext.java:91)
   at 
 org.apache.velocity.context.AbstractContext.get(AbstractContext.java:193)
   at 
 org.apache.velocity.context.InternalContextAdapterImpl.get(InternalContextAdapterImpl.java:286)
   at 
 org.apache.velocity.runtime.parser.node.ASTReference.getVariableValue(ASTReference.java:843)
   at 
 org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:222)
   at 
 org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:507)
   at

[jira] [Commented] (OGNL-47) Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security manager

2012-01-31 Thread Philippe Eymann (Commented) (JIRA)


[ 
https://issues.apache.org/jira/browse/OGNL-47?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13196872#comment-13196872
 ] 

Philippe Eymann commented on OGNL-47:
-

Hi Maurizio,

I think that this issue is mainly related to a problem with Struts 2.3.1, and 
the official OGNL release which is bundled with this version of Struts is the 
3.0.4, see [this link on the Stuts official 
page|http://newverhost.com/pub//struts/library/struts-2.3.1.2-lib.zip].
Is there any more recent released version of the OGNL jar which contains the 
current (SVN trunk) OgnlRuntime class ? I didn't find any download link on the 
Apache site.
Regards,

Philippe

 Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security 
 manager 
 --

 Key: OGNL-47
 URL: https://issues.apache.org/jira/browse/OGNL-47
 Project: Commons OGNL
  Issue Type: Bug
Reporter: kesava
Priority: Blocker

 Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security 
 manager 
 Steps to reproduce
 1.Enable security manager
 2.Load the app
 {noformat}
 Caught an Ognl exception while getting property serviceProviders - Class: 
 ognl.ObjectPropertyAccessor
 File: ObjectPropertyAccessor.java
 Method: getPossibleProperty
 Line: 69 - ognl/ObjectPropertyAccessor.java:69:-1
   at 
 com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor.getProperty(CompoundRootAccessor.java:142)
   at ognl.OgnlRuntime.getProperty(OgnlRuntime.java:2303)
   at ognl.ASTProperty.getValueBody(ASTProperty.java:114)
   at ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:212)
   at ognl.SimpleNode.getValue(SimpleNode.java:258)
   at ognl.Ognl.getValue(Ognl.java:494)
   at ognl.Ognl.getValue(Ognl.java:458)
   at com.opensymphony.xwork2.ognl.OgnlUtil.getValue(OgnlUtil.java:213)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.getValueUsingOgnl(OgnlValueStack.java:277)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.tryFindValue(OgnlValueStack.java:260)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.tryFindValueWhenExpressionIsNotNull(OgnlValueStack.java:242)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.findValue(OgnlValueStack.java:222)
   at 
 com.opensymphony.xwork2.ognl.OgnlValueStack.findValue(OgnlValueStack.java:284)
   at 
 org.apache.struts2.views.velocity.StrutsVelocityContext.internalGet(StrutsVelocityContext.java:91)
   at 
 org.apache.velocity.context.AbstractContext.get(AbstractContext.java:193)
   at 
 org.apache.velocity.context.InternalContextAdapterImpl.get(InternalContextAdapterImpl.java:286)
   at 
 org.apache.velocity.runtime.parser.node.ASTReference.getVariableValue(ASTReference.java:843)
   at 
 org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:222)
   at 
 org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:507)
   at 
 org.apache.velocity.runtime.parser.node.ASTExpression.value(ASTExpression.java:71)
   at 
 org.apache.velocity.runtime.parser.node.ASTSetDirective.render(ASTSetDirective.java:142)
   at 
 org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336)
   at org.apache.velocity.runtime.directive.Parse.render(Parse.java:263)
   at 
 org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175)
   at 
 org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336)
   at org.apache.velocity.runtime.directive.Parse.render(Parse.java:263)
   at 
 org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175)
   at 
 org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336)
   at org.apache.velocity.Template.merge(Template.java:328)
   at org.apache.velocity.Template.merge(Template.java:235)
   at 
 org.apache.struts2.dispatcher.VelocityResult.doExecute(VelocityResult.java:156)
   at 
 org.apache.struts2.dispatcher.StrutsResultSupport.execute(StrutsResultSupport.java:186)
   at 
 com.opensymphony.xwork2.DefaultActionInvocation.executeResult(DefaultActionInvocation.java:374)
   at 
 com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:278)
   at 
 com.sony.sce.producttool.web.CacheFlushFilterInterceptor$2.call(CacheFlushFilterInterceptor.java:69)
   at 
 com.sony.sce.producttool.web.CacheFlushFilterInterceptor$2.call(CacheFlushFilterInterceptor.java:1)
   at 
 com.sony.sce.producttool.web.CacheFlushFilterInterceptor.callWithHandling(CacheFlushFilterInterceptor.java:79)
   at 
 com.sony.sce.producttool.web.CacheFlushFilterInterceptor.intercept(CacheFlushFilterInterceptor.java:67)
   at

[jira] [Commented] (OGNL-47) Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security manager

[jira] [Commented] (OGNL-47) Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security manager

2 matches

Site Navigation

Mail list logo

Footer information