[
https://issues.apache.org/jira/browse/OGNL-255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15245258#comment-15245258
]
Cornelius Mund commented on OGNL-255:
-------------------------------------
I actually did see this FAQ post before, but figured there might be a better
solution.
If there isn't, would it be an option to add this to a OGNL FAQ and talk about
the ramifications of setting SecurityManager to null.
Regarding OGNL I couldn't find any info about that anywhere.
> Reflection issue with google app engine and OGNL 3.1.2
> ------------------------------------------------------
>
> Key: OGNL-255
> URL: https://issues.apache.org/jira/browse/OGNL-255
> Project: Commons OGNL
> Issue Type: Bug
> Affects Versions: 3.1.2
> Environment: Google App Engine (or Google App Engine Dev Server)
> Reporter: Cornelius Mund
>
> When accessing a function directly from a thymeleaf template via ognl a
> IllegalAccessException is thrown even though the function is public.
> I've put together a sample application so you can reproduce the error:
> https://github.com/cornim/TLBugExample.git
> Please also note the following:
> If the function is accessed via the property (i.e. ${item.name} instead of
> ${item.getName()}) no exception is thrown.
> Also, if one sets OgnlRuntime.setSecurityManager(null); (see
> CtxListener.java) direct function access via ognl starts working, but that
> doesn't seem to be a sensible solution.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
