I guess I assumed people had thought of this during the OGNL submission fiesta :(
Would it be quick and sufficient to include a parameter filter interceptor to disallow ActionSupport - implemented interface methods? d. --- Tom Schneider <[EMAIL PROTECTED]> wrote: > No because OGNL can access the private Session > variable directly. (I > noticed this behavior when I was fixing a race > condition) It first > tries to call the get<property>(), if that fails, > then it will turn on > reflection accessibility and access the variable > directly. > > On 10/17/07, Jim Cushing <[EMAIL PROTECTED]> wrote: > > I haven't tested this, but is the problem solved > by making your > > getSession() method protected, instead of public? > The SessionAware > > interface only requires a public setSession() > method. If you haven't > > defined a getSession() method, or if it's already > protected, then I > > suggest you file a JIRA ticket > (http://issues.apache.org/struts/), > > perhaps with some sample code. > > > > On Oct 17, 2007, at 9:12 AM, Hisato Killing wrote: > > > > > Hello. > > > > > > I'm sorry. Information that I had sent seems to > have been > > > insufficient. > > > > > > 1.This problem is caused in struts 2.0.9 and > others perhaps. > > > > > > In that case, it is assumed that it is as > follows. > > > i. SomeAction is implements SessionAware. > > > ii. And It is defined in struts-default. > > > iii. devMode is true or false. > > > > > > ["someValue"] of the name of "someKey" enters in > SessionMap when the > > > request shown in that URL is processed. > > > It is meant that ["someValue"] is an array > including "someValue". > > > This causes ClassCastException in case of > almost. > > > > > > [EMAIL PROTECTED] > > > It is thought that this only has to be my > mistake ,setting etc. > > > > > > Thanks > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
