Re: Help : Disable Strict Method Invocation for struts 2 rest plugin

[DevaGerald]

Yes i have configured rest plugin for that



--
Sent from: http://struts.1045723.n5.nabble.com/Struts-User-f3426046.html

-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

REMINDER - TAC Applications closes in 2 weeks for ACNA Montréal

[Rene Gielen]

Reminder that travel assistance applications for ApacheCon NA 2018 are
still open but only for another*2 weeks*!
Please get your applications in NOW.

We will be supporting ApacheCon NA Montréal, Canada on 24th - 29th
September 2018

 TAC exists to help those that would like to attend ApacheCon events,
but are unable to do so for financial reasons. 
For more info on this years applications and qualifying criteria, please
visit the TAC website at < http://www.apache.org/travel/ >. Applications
are now open and will close 1st May. 

*Important*: Applications close on May 1st, 2018. Applicants have until
the closing date above to submit their applications (which should
contain as much supporting material as required to efficiently and
accurately process their request), this will enable TAC to announce
successful awards shortly afterwards. 

As usual, TAC expects to deal with a range of applications from a
diverse range of backgrounds. We therefore encourage (as always) anyone
thinking about sending in an application to do so ASAP.   
We look forward to greeting many of you in Montreal

Kind Regards, 
Gavin - (On behalf of the Travel Assistance Committee)


-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Help : Disable Strict Method Invocation for struts 2 rest plugin

[Lukasz Lenart]

2018-04-18 9:15 GMT+02:00 DevaGerald :
> Yes i have configured rest plugin for that

Ach... so we must fix allowed-methods to include those REST methods,
could you fill a ticket?


Regards
-- 
Łukasz
+ 48 606 323 122 http://www.lenart.org.pl/

-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: [S2] ExecuteAndWait Interceptor // Only re-submit token parameters on refresh?

[Martin Gainty]

MG2>some confusion on where session is accessed


From: Yasser Zamani  on behalf of Yasser Zamani 

Sent: Wednesday, April 18, 2018 2:57 AM
To: user@struts.apache.org
Subject: Re: [S2] ExecuteAndWait Interceptor // Only re-submit token parameters 
on refresh?



On 4/18/2018 1:21 AM, Martin Gainty wrote:
> MG>AFAIK a redirect terminates the old session and creates a new session

I think redirect to same domain:ip in same browser tab page should keep
session.

MG2>2 alternatives: build out HTTPGet with ¶ms

 * Calls the {@link HttpServletResponse#sendRedirect(String) sendRedirect}
 * method to the location specified. The response is told to redirect the
 * browser to the specified location (a new request from the client). The
 * consequence of doing this means that the action (action instance, action
 * errors, field errors, etc) that was just executed is lost and no longer
 * available. This is because actions are built on a single-thread model. The
 * only way to pass data is through the session
MG2>with chain interceptor

 * or with web parameters

 * (url?name=value) which can be OGNL expressions.
MG2>essentially a HTTP Get with params. here is example:
* 
 * 
 * 
 *   foo.jsp
 *   false
 *   FRAGMENT
 * 
 * 
MG2>

MG2>Here is code that *should access session params* to pass to new 
finalLocation (but session is not accessed?)
/**
 * Redirects to the location specified by calling
 * {@link HttpServletResponse#sendRedirect(String)}.
 *
 * @param finalLocation the location to redirect to.
 * @param invocation an encapsulation of the action execution state.
 * @throws Exception if an error occurs when redirecting.
 */
protected void doExecute(String finalLocation, ActionInvocation invocation) 
throws Exception {
ActionContext ctx = invocation.getInvocationContext();
HttpServletRequest request = (HttpServletRequest) 
ctx.get(ServletActionContext.HTTP_REQUEST);
HttpServletResponse response = (HttpServletResponse) 
ctx.get(ServletActionContext.HTTP_RESPONSE);

if (isPathUrl(finalLocation)) {
if (!finalLocation.startsWith("/")) {
ActionMapping mapping = actionMapper.getMapping(request, 
Dispatcher.getInstance().getConfigurationManager());
String namespace = null;
if (mapping != null) {
namespace = mapping.getNamespace();
}

if ((namespace != null) && (namespace.length() > 0) && 
(!"/".equals(namespace))) {
finalLocation = namespace + "/" + finalLocation;
} else {
finalLocation = "/" + finalLocation;
}
}

// if the URL's are relative to the servlet context, append 
(prepend) the servlet context path to finalLocation
if (prependServletContext && (request.getContextPath() != null) && 
(request.getContextPath().length() > 0)) {
finalLocation = request.getContextPath() + finalLocation;
}

MG2>
//where the session *should* be accessed
// public Map getResults()
//i see ResultConfig here but no reference to session?
//where in ResultConfig The Builder class I see
 /**
 * The builder for this object.  An instance of this object is the only way 
to construct a new instance.  The
 * purpose is to enforce the immutability of the object.
 * The methods are structured in a way to support chaining.
 * After setting any values you need, call the {@link #build()} method to 
create the object.
 */

MG2>

ResultConfig resultConfig = 
invocation.getProxy().getConfig().getResults().get(invocation.getResultCode());

if (resultConfig != null) {
Map resultConfigParams = 
resultConfig.getParams();

List prohibitedResultParams = 
getProhibitedResultParams();
for (Map.Entry e : 
resultConfigParams.entrySet()) {
if (!prohibitedResultParams.contains(e.getKey())) {
Collection values = 
conditionalParseCollection(e.getValue(), invocation, suppressEmptyParameters);
if (!suppressEmptyParameters || !values.isEmpty()) {
requestParameters.put(e.getKey(), values);
}
}
}
}

StringBuilder tmpLocation = new StringBuilder(finalLocation);
urlHelper.buildParametersString(requestParameters, tmpLocation, 
"&");

// add the anchor
if (anchor != null) {
tmpLocation.append('#').append(anchor);
}

finalLocation = response.encodeRedirectURL(tmpLocation.toSt

Re: Help : Disable Strict Method Invocation for struts 2 rest plugin

[DevaGerald]

Sorry if I am so dumb. Where should i file the ticket?



--
Sent from: http://struts.1045723.n5.nabble.com/Struts-User-f3426046.html

-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Help : Disable Strict Method Invocation for struts 2 rest plugin

[Lukasz Lenart]

Here https://issues.apache.org/jira/projects/WW/issues

2018-04-18 15:04 GMT+02:00 DevaGerald :
> Sorry if I am so dumb. Where should i file the ticket?
>
>
>
> --
> Sent from: http://struts.1045723.n5.nabble.com/Struts-User-f3426046.html
>
> -
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
>

-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: [S2] ExecuteAndWait Interceptor // Only re-submit token parameters on refresh?

[Yasser Zamani]

On 4/18/2018 5:27 PM, Martin Gainty wrote:
> MG2>some confusion on where session is accessed
>  * available. This is because actions are built on a single-thread model. The
>  * only way to pass data is through the session
> MG2>with chain interceptor

No it didn't mean "with chain interceptor" that you have added. It meant
the action1.execute (i.e. the Struts user him/herself) can store data in
session and can then retrieve them inside action2.execute after
redirect. It didn't mean Strut's RedirectAction result does these itself
i.e. access, read and pass all session data.

> MG2>Here is code that *should access session params* to pass to new 
> finalLocation (but session is not accessed?)

As mentioned above, we didn't mean RedirectAction result access, read
and pass all session data. The Struts user him/herself should store them
in action1.execute then redirect then access and read them in
action2.execute.

> MG2>
> //where the session *should* be accessed
> // public Map getResults()
> //i see ResultConfig here but no reference to session?

(Same as above)

> MG2>i found a testcase for redirect
> MG2>in this case a HTTPGet with appended params..but no session vars?

(Same as above)

> MG2>am i reading the code incorrectly?

No you're right that there is no session access but as mentioned above,
it's OK. There is no need to pass session data. They're always available
at server side.

Regards.

-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org

Re: Struts2 login action class seems to be reused

[Prasanth Pasala]

Below is the stack trace for setting of username. So struts2 has set the 
username, but that name doesn't exist in the request object.

Struts Data: Username: jsmith Action: Login
Request Data: Username: null Action: null

java.lang.Thread.getStackTrace(Thread.java:1559)
 com.x.webaccess.LoginAction.setUsername(LoginAction.java:273)
 sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 java.lang.reflect.Method.invoke(Method.java:498)
 ognl.OgnlRuntime.invokeMethod(OgnlRuntime.java:897)
 ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:1299)
 ognl.OgnlRuntime.setMethodValue(OgnlRuntime.java:1508)
 ognl.ObjectPropertyAccessor.setPossibleProperty(ObjectPropertyAccessor.java:85)
 ognl.ObjectPropertyAccessor.setProperty(ObjectPropertyAccessor.java:162)
 
com.opensymphony.xwork2.ognl.accessor.ObjectAccessor.setProperty(ObjectAccessor.java:27)
 ognl.OgnlRuntime.setProperty(OgnlRuntime.java:2437)
 ognl.ASTProperty.setValueBody(ASTProperty.java:127)
 ognl.SimpleNode.evaluateSetValueBody(SimpleNode.java:220)
 ognl.SimpleNode.setValue(SimpleNode.java:301)
 ognl.Ognl.setValue(Ognl.java:713)
 com.opensymphony.xwork2.ognl.OgnlUtil$6.execute(OgnlUtil.java:504)
 com.opensymphony.xwork2.ognl.OgnlUtil$6.execute(OgnlUtil.java:501)
 com.opensymphony.xwork2.ognl.OgnlUtil.compileAndExecute(OgnlUtil.java:393)
 com.opensymphony.xwork2.ognl.OgnlUtil.copy(OgnlUtil.java:501)
 
com.opensymphony.xwork2.ognl.OgnlReflectionProvider.copy(OgnlReflectionProvider.java:73)
 
com.opensymphony.xwork2.interceptor.ChainingInterceptor.copyStack(ChainingInterceptor.java:153)
 
com.opensymphony.xwork2.interceptor.ChainingInterceptor.intercept(ChainingInterceptor.java:143)
 
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
 
com.opensymphony.xwork2.interceptor.PrepareInterceptor.doIntercept(PrepareInterceptor.java:171)
 
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
 
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
 
com.opensymphony.xwork2.interceptor.I18nInterceptor.intercept(I18nInterceptor.java:140)
 
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
 
org.apache.struts2.interceptor.ServletConfigInterceptor.intercept(ServletConfigInterceptor.java:164)
 
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
 
com.opensymphony.xwork2.interceptor.AliasInterceptor.intercept(AliasInterceptor.java:193)
 
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
 
com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor.intercept(ExceptionMappingInterceptor.java:189)
 
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
 org.apache.struts2.impl.StrutsActionProxy.execute(StrutsActionProxy.java:54)
 org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:575)
 
org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:81)
 
org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:99)
 io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
 
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
 com.x.webaccess.LoginFilter.doFilter(LoginFilter.java:52)
 io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
 
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
 io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
 
io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
 
io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
 
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
 
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
 
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
 
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:274)
 
io.undertow.servlet.handlers.ServletInitialHandler.dispatchToPath(ServletInitialHandler.java:209)
 
io.undertow.servlet.spec.RequestDispatcherImpl.forwardImpl(RequestDispatcherImpl.java:221)
 
io.undertow.servlet.spec.RequestDispatcherImpl.forwardImplSetup(RequestDispatcherImpl.java:147)
 
io.undertow.servlet.spec.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:111)
 org.apache.jasper.runtime.PageContextImpl.doForward(PageContextImpl.java:722)
 org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.java:695)
 org.apache.jsp.index_jsp._jspService(ind