I had an issue with this release, I'm not sure what is causing it nor how to
replicate it, but this is the stacktrace:
The error is thrown every time I visit that path WITHOUT a valid session when I
login the error stops happening. My use-case is that I save the application
logo at DB and show it everywhere by printing bytes directly to the response, I
do that from inside a struts2 action.
```
javax.servlet.ServletException: La ejecución del Filtro lanzó una excepción
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:185)
~[catalina.jar:9.0.78]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
~[catalina.jar:9.0.78]
at Framework.Config.SecurityFilter.doFilter(SecurityFilter.java:88)
~[classes/:?]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
~[catalina.jar:9.0.78]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
~[catalina.jar:9.0.78]
at
org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:186)
~[spring-orm-5.3.39.jar:5.3.39]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
~[spring-web-5.3.39.jar:5.3.39]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
~[catalina.jar:9.0.78]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
~[catalina.jar:9.0.78]
at Framework.Config.LogFilter.doFilter(LogFilter.java:44) [classes/:?]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[catalina.jar:9.0.78]
at Framework.Config.LoginFilter.doFilter(LoginFilter.java:62)
[classes/:?]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[catalina.jar:9.0.78]
at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
[spring-web-5.3.39.jar:5.3.39]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
[spring-web-5.3.39.jar:5.3.39]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[catalina.jar:9.0.78]
at
org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:70)
[log4j-web-2.24.1.jar:2.24.1]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[catalina.jar:9.0.78]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:352)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:117)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:126)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:120)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:131)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:85)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter.doFilterInternal(OAuth2AuthorizationCodeGrantFilter.java:183)
[spring-security-oauth2-client-5.8.15.jar:5.8.15]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
[spring-web-5.3.39.jar:5.3.39]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:100)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:164)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:227)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:221)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:227)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:221)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter.doFilterInternal(OAuth2AuthorizationRequestRedirectFilter.java:187)
[spring-security-oauth2-client-5.8.15.jar:5.8.15]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
[spring-web-5.3.39.jar:5.3.39]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter.doFilterInternal(OAuth2AuthorizationRequestRedirectFilter.java:187)
[spring-security-oauth2-client-5.8.15.jar:5.8.15]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
[spring-web-5.3.39.jar:5.3.39]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:107)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:93)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
[spring-web-5.3.39.jar:5.3.39]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:117)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
mx.bnext.qms.security.LicencingFilter.doFilter(LicencingFilter.java:69)
[classes/:?]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
[spring-web-5.3.39.jar:5.3.39]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117)
[spring-web-5.3.39.jar:5.3.39]
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:361)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:225)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:190)
[spring-security-web-5.8.15.jar:5.8.15]
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354)
[spring-web-5.3.39.jar:5.3.39]
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267)
[spring-web-5.3.39.jar:5.3.39]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.StandardContextValve.__invoke(StandardContextValve.java:90)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:41002)
[catalina.jar:9.0.78]
at
org.apache.catalina.valves.rewrite.RewriteValve.invoke(RewriteValve.java:545)
[catalina.jar:9.0.78]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:596)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130)
[catalina.jar:9.0.78]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
[catalina.jar:9.0.78]
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:673)
[catalina.jar:9.0.78]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
[catalina.jar:9.0.78]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
[catalina.jar:9.0.78]
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390)
[tomcat-coyote.jar:9.0.78]
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
[tomcat-coyote.jar:9.0.78]
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:926)
[tomcat-coyote.jar:9.0.78]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1791)
[tomcat-coyote.jar:9.0.78]
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
[tomcat-coyote.jar:9.0.78]
at
org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
[tomcat-util.jar:9.0.78]
at
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
[tomcat-util.jar:9.0.78]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
[tomcat-util.jar:9.0.78]
at java.base/java.lang.Thread.run(Thread.java:833) [?:?]
Caused by: java.lang.IllegalAccessError: class
com.opensymphony.xwork2.config.ConfigurationManager tried to access protected
method 'void org.apache.struts2.ActionContext.<init>(java.util.Map)'
(com.opensymphony.xwork2.config.ConfigurationManager and
org.apache.struts2.ActionContext are in unnamed module of loader
org.apache.catalina.loader.ParallelWebappClassLoader @6db4f643)
at
com.opensymphony.xwork2.config.ConfigurationManager.conditionalReload(ConfigurationManager.java:42011)
~[struts2-core-6.7.0.jar:6.7.0]
at
com.opensymphony.xwork2.config.ConfigurationManager.getConfiguration(ConfigurationManager.java:62)
~[struts2-core-6.7.0.jar:6.7.0]
at
org.apache.struts2.dispatcher.Dispatcher.getContainer(Dispatcher.java:1160)
~[struts2-core-6.7.0.jar:6.7.0]
at org.apache.struts2.dispatcher.Dispatcher.prepare(Dispatcher.java:956)
~[struts2-core-6.7.0.jar:6.7.0]
at
org.apache.struts2.dispatcher.PrepareOperations.setEncodingAndLocale(PrepareOperations.java:124)
~[struts2-core-6.7.0.jar:6.7.0]
at
org.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter.handleRequest(StrutsPrepareAndExecuteFilter.java:151)
~[struts2-core-6.7.0.jar:6.7.0]
at
org.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter.tryHandleRequest(StrutsPrepareAndExecuteFilter.java:146)
~[struts2-core-6.7.0.jar:6.7.0]
at
org.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:134)
~[struts2-core-6.7.0.jar:6.7.0]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
~[catalina.jar:9.0.78]
... 95 more
```
My request:
```
Request Received at 2024-11-22 19:13:41.84
characterEncoding = UTF-8
contentLength = -1
contentType = null
locale = es_MX
locales = es_MX , es , en , en_US , es_ES , gl , la , ca
protocol = HTTP/1.1
remoteAddr = 0:0:0:0:0:0:0:1
remoteHost = 0:0:0:0:0:0:0:1
scheme = http
serverName = localhost
serverPort = 7002
isSecure = false
---------------------------------------------
contextPath = /app
cookie = build-version = 3.1.183.0_-
cookie = JSESSIONID = 06060606060606060606060606
header = 'host' = 'localhost:1616'
header = 'connection' = 'keep-alive'
header = 'sec-ch-ua-platform' = '"Windows"'
header = 'user-agent' = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36'
header = 'sec-ch-ua' = '"Google Chrome";v="131",
"Chromium";v="131", "Not_A Brand";v="24"'
header = 'sec-ch-ua-mobile' = '?0'
header = 'accept' =
'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8'
header = 'sec-fetch-site' = 'same-origin'
header = 'sec-fetch-mode' = 'no-cors'
header = 'sec-fetch-dest' = 'image'
header = 'referer' =
'http://localhost:1616/app/qms/es?ngsw-bypass=1'
header = 'accept-encoding' = 'gzip, deflate, br, zstd'
header = 'accept-language' =
'es-MX,es;q=0.9,en;q=0.8,en-US;q=0.7,es-ES;q=0.6,gl;q=0.5,la;q=0.4,ca;q=0.3'
header = 'cookie' = 'build-version=3.1.183.0_-;
JSESSIONID=0624FD610F2E1581DE0DE388284BBA59'
method = GET
pathInfo = null
queryString = null
remoteUser = null
requestedSessionId = 06060606060606060606060606
requestURI = /app/view/v-application-logo.view
servletPath = /view/v-application-logo.view
```
On 2024/11/17 16:06:41 Lukasz Lenart wrote:
> Hello,
>
> This is a minor release of Struts 6.x series mostly because of
> depreciating a lot of classes.
> Please take the time and test the bits - any help is appreciated.
> Please report any problems you will spot.
>
> Here are the changes from the previous version:
> https://github.com/apache/struts/releases/tag/STRUTS_6_7_0
>
> Staging Maven repo
> https://repository.apache.org/content/groups/staging/
>
> Standalone artifacts
> https://dist.apache.org/repos/dist/dev/struts/6.7.0/
>
> Release notes
> https://cwiki.apache.org/confluence/display/WW/Version+Notes+6.7.0
>
>
> Kind regards
> --
> Łukasz
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org
> For additional commands, e-mail: dev-h...@struts.apache.org
>
>
The information transmitted is intended only for the person or entity to which
it is addressed and may contain confidential and/or privileged material. Any
review, retransmission, dissemination or other use of, or taking of any action
in reliance upon, this information by persons or entities other than the
intended recipient is prohibited. If you received this in error, please contact
the sender and delete the material from any computer.
La información transmitida está destinada únicamente a la persona o entidad a
quien que va dirigida y puede contener información confidencial y/o material
privilegiado. Cualquier revisión, retransmisión, difusión u otros usos, o
cualquier acción tomada por personas o entidades distintas al destinatario
basándose en esta información está prohibida. Si usted recibe este mensaje por
error, por favor contacte al remitente y elimine el material de cualquier
computadora.
