[
https://issues.apache.org/jira/browse/OGNL-255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15245146#comment-15245146
]
Lukasz Lenart commented on OGNL-255:
------------------------------------
I think setting {{OgnlRuntime.setSecurityManager(null)}} is the only proper
solution, read this https://struts.apache.org/docs/google-app-engine-gae.html
> Reflection issue with google app engine and OGNL 3.1.2
> ------------------------------------------------------
>
> Key: OGNL-255
> URL: https://issues.apache.org/jira/browse/OGNL-255
> Project: Commons OGNL
> Issue Type: Bug
> Affects Versions: 3.1.2
> Environment: Google App Engine (or Google App Engine Dev Server)
> Reporter: Cornelius Mund
>
> When accessing a function directly from a thymeleaf template via ognl a
> IllegalAccessException is thrown even though the function is public.
> I've put together a sample application so you can reproduce the error:
> https://github.com/cornim/TLBugExample.git
> Please also note the following:
> If the function is accessed via the property (i.e. ${item.name} instead of
> ${item.getName()}) no exception is thrown.
> Also, if one sets OgnlRuntime.setSecurityManager(null); (see
> CtxListener.java) direct function access via ognl starts working, but that
> doesn't seem to be a sensible solution.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
