Re: Re: Struts7 Allowlist Capability

2025-05-29 Thread Lukasz Lenart
On Thu, 29 May 2025 at 20:42, Ute Kaiser wrote: > > Lukasz, thank you for your advice. > I got rid of almost all by moving logic into the action and passing new flags > to jsp instead. > > e.g. > Migrating struts1 > > > by > > raised > WARN [org.apache.struts2.ognl.SecurityMemberAccess] (def

Aw: Re: Struts7 Allowlist Capability

2025-05-29 Thread Ute Kaiser
Lukasz, thank you for your advice. I got rid of almost all by moving logic into the action and passing new flags to jsp instead. e.g. Migrating struts1 by raised WARN [org.apache.struts2.ognl.SecurityMemberAccess] (default task-2) Declaring class [class java.util.ArrayList] of member type [p

Re: Struts7 Allowlist Capability

2025-05-29 Thread Lukasz Lenart
This happens if you use java.util.Locale directly in an expression - SecurityMemberAccess is only involved if an OGNL expression is used. Having said that, I wouldn't use any of java.* jakarta.* in OGNL expressions as this brings a security risk. Moving such logic into actions is the safest option.

Aw: Re: Setting struts.devMode only in struts.xml?

2025-05-29 Thread Ute Kaiser
Thank you Lukasz, Great advice and great documentation. I guess I need some search machine on the documentation. I edited struts.xml and added the variable to the Eclipse Wildfly Runtime (Tab Environment), and it works fine. Best regards Ute

Struts7 Allowlist Capability

2025-05-29 Thread Ute Kaiser
It is recommended to enable the allowlist capability with struts.allowlist.enable. I added my package names to the struts.allowlist.packageNames. But I get these warnings (leading to further errors) WARN [org.apache.struts2.ognl.SecurityMemberAccess] (default task-2) Declaring class [class java.

Re: Setting struts.devMode only in struts.xml?

2025-05-29 Thread Lukasz Lenart
On Thu, 29 May 2025 at 11:22, Ute Kaiser wrote: > > I face the issue that I have to change my struts.xml any time I want to > deploy from dev environment to test or production environment. > Either struts.devMode value=true or false. This might lead to deploying > devMode to production by accid

Setting struts.devMode only in struts.xml?

2025-05-29 Thread Ute Kaiser
I face the issue that I have to change my struts.xml any time I want to deploy from dev environment to test or production environment. Either struts.devMode value=true or false. This might lead to deploying devMode to production by accident. Is there an alternative place to set devMode more flexi