Re: New warning message appearing with version 6.3 - SecurityMemberAccess - Access to non-public ... is blocked!
2023-12-18 11:51:43,756 WARN
[com.opensymphony.xwork2.ognl.SecurityMemberAccess] (default task-1075) Access
to non-public [private java.lang.String LoginAction.username] is blocked!
2023-12-18 11:51:43,757 WARN
[com.opensymphony.xwork2.ognl.SecurityMemberAccess] (default task-1075) Access
to non-public [private java.lang.String LoginAction.password] is blocked!
I do see these messages in my log. Should we be looking into our code?
Thanks,
Prasanth
On 12/17/23 9:04 AM, Lukasz Lenart wrote:
sob., 16 gru 2023 o 19:10 Ralph Grove napisał(a):
The setup action declares it this way:
private HashMap statuses;
statuses = User.getStatusMap();
And in the User class it’s created in the get method:
public static HashMap getStatusMap() {
HashMap statusMap = new HashMap<>();
statusMap.put(User.ACTIVE, "Active");
statusMap.put(User.INACTIVE, "Inactive");
return statusMap;
}
Do you use a custom template? Maybe you have your own radiomap.ftl? I
just tested the Showcase app and didn't notice such problems.
Basically you shouldn't notice such warning as it means someone is
trying to access a protected property of your bean
Cheers
Łukasz
-
To unsubscribe, e-mail:user-unsubscr...@struts.apache.org
For additional commands, e-mail:user-h...@struts.apache.org
Re: Jakarta EE9/10
Hi Lukasz, Do you know if the work has started to migrate Struts2 to Jakarta EE? Thanks, Prasanth On 11/1/22 4:05 AM, Lukasz Lenart wrote: pon., 31 paź 2022 o 15:20 Prasanth napisał(a): Thank you Lukasz. Is there a roadmap for Struts 7 or when it might be released? No exact date, there are a few things that need to be done first like moving Tag support into a plugin Regards
Re: Jakarta EE9/10
Thank you Lukasz. Is there a roadmap for Struts 7 or when it might be released? Thanks, Prasanth On 10/30/22 9:04 AM, Lukasz Lenart wrote: pt., 28 paź 2022 o 22:48 Prasanth napisał(a): Hi, Can we use struts 6 in Wildfly 27 (Jakarta EE 10)? With the name space change from javax to jakarta wasn't sure if struts would work in Jakarta EE 9/10. Not yet, but you can use a Tomcat migration tool https://issues.apache.org/jira/browse/WW-5110 Regards
Jakarta EE9/10
Hi, Can we use struts 6 in Wildfly 27 (Jakarta EE 10)? With the name space change from javax to jakarta wasn't sure if struts would work in Jakarta EE 9/10. Thanks, Prasanth
Re: StackOverflowError
I need an id added to the link as a param (coming from prior action), so have used a JSP forward. If I use redirect type and specify the url in the struts.xml itself would I be able to specify the dynamic id provided by prior action? Thanks, Prasanth On 2022-06-21 00:11, Lukasz Lenart wrote: wt., 21 cze 2022 o 04:31 Prasanth napisał(a): Would there be a release based on this? If not what is the best way to include a new swingset jar into Maven build for a project? Yes, I'm working on a fix. And if you cannot use "redirect" result instead of "dispatcher" in such case, you must wait with migration till a patch will be released. Regards - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
Re: StackOverflowError
Hi,
Would there be a release based on this? If not what is the best way to
include a new swingset jar into Maven build for a project?
Thanks,
Prasanth
On 2022-06-15 04:09, Lukasz Lenart wrote:
Fix is ready
https://github.com/apache/struts/pull/571
śr., 15 cze 2022 o 10:14 Lukasz Lenart
napisał(a):
I have registered an issue [1], it's related to added support for
Async Actions
[1] https://issues.apache.org/jira/browse/WW-5190
Regards
--
Łukasz
wt., 14 cze 2022 o 18:38 Rubens Gomes
napisał(a):
>
> this happens for the result Action.NONE below. If I change "dispatcher" to
"redirect" it works.
>
> @Results( { @Result( name = { Action.INPUT, Action.ERROR },
> location =
"/WEB-INF/content/%{#request.device}/useraccount/register.jsp",
> type = "dispatcher" ),
> @Result( name = Action.NONE,
> location = "/index.do",
> type = "dispatcher" ),
> @Result( name = Action.SUCCESS,
> location = "/secure/addressbook/address-book.do",
> type = "redirect" ) } )
> //@formatter:on
> @Namespace( "/useraccount" )
> @Slf4j
> public class RegisterUserAccountAction extends BaseActionSupport
> implements ServletRequestAware, ServletResponseAware
>
>
> From: Lukasz Lenart
> Sent: Tuesday, June 14, 2022 1:02 AM
> To: Struts Users Mailing List
> Subject: Re: StackOverflowError
>
> Could you share a minimal configuration of this result?
>
> Regards
> Łukasz
>
> wt., 14 cze 2022 o 07:23 Rubens Gomes napisał(a):
> >
> > I am runnning a Spring Boot 2.7.0 (Latest) Tomcat embedded WAR + Spring Security +
Struts 6.0.0 Actions + JSP pages. I started noticing a loop when a Struts2 Action result type
is a "dispatcher" with following repetive stack trace. Then, a stack overflow is
raised.
> >
> > .. repeated several times ..
> > at
org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:637)
~[struts2-core-6.0.0.jar:6.0.0]
> > at
org.apache.struts2.dispatcher.ExecuteOperations.executeAction(ExecuteOperations.java:79)
~[struts2-core-6.0.0.jar:6.0.0]
> > at
org.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:140)
~[struts2-core-6.0.0.jar:6.0.0]
> > at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:111)
~[spring-web-5.3.20.jar:5.3.20]
> > at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:111)
~[spring-web-5.3.20.jar:5.3.20]
> > at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:111)
~[spring-web-5.3.20.jar:5.3.20]
> > at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:711)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:459)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:385)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:313)
~[tomcat-embed-core-9.0.63.jar:9.0.63]
> > at
org.springframework.security.web.header.HeaderWrit
Re: StackOverflowError
I see a forward after the execute is called. If this is the same issue as what I am having, code execution is going back to the first action class rather than the action class referred to by the forward. To confirm this you can run it in debug mode and have a break point in the first action execute method and see if you are getting back to the same action after the forward. Thanks, Prasanth On 6/14/22 12:23 AM, Rubens Gomes wrote: I am runnning a Spring Boot 2.7.0 (Latest) Tomcat embedded WAR + Spring Security + Struts 6.0.0 Actions + JSP pages. I started noticing a loop when a Struts2 Action result type is a "dispatcher" with following repetive stack trace. Then, a stack overflow is raised. .. repeated several times .. at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:637) ~[struts2-core-6.0.0.jar:6.0.0] at org.apache.struts2.dispatcher.ExecuteOperations.executeAction(ExecuteOperations.java:79) ~[struts2-core-6.0.0.jar:6.0.0] at org.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:140) ~[struts2-core-6.0.0.jar:6.0.0] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:111) ~[spring-web-5.3.20.jar:5.3.20] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:111) ~[spring-web-5.3.20.jar:5.3.20] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:111) ~[spring-web-5.3.20.jar:5.3.20] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:711) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:459) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:385) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:313) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.springframework.security.web.header.HeaderWriterFilter$HeaderWriterRequestDispatcher.forward(HeaderWriterFilter.java:170) ~[spring-security-web-5.7.1.jar:5.7.1] at org.apache.struts2.result.ServletDispatcherResult.doExecute(ServletDispatcherResult.java:169) ~[struts2-core-6.0.0.jar:6.0.0] at org.apache.struts2.result.StrutsResultSupport.execute(StrutsResultSupport.java:206) ~[struts2-core-6.0.0.jar:6.0.0] at com.opensymphony.xwork2.DefaultActionInvocation.executeResult(DefaultActionInvocation.java:363) ~[struts2-core-6.0.0.jar:6.0.0] at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:280) ~[struts2-core-6.0.0.jar:6.0.0] at org.apache.struts2.factory.StrutsActionProxy.execute(StrutsActionProxy.java:48) ~[struts2-core-6.0.0.jar:6.0.0] at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:637) ~[struts2-core-6.0.0.jar:6.0.0] at org.apache.struts2.dispatcher.ExecuteOperations.executeAction(ExecuteOperations.java:79) ~[struts2-core-6.0.0.jar:6.0.0] at org.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:140) ~[struts2-core-6.0.0.jar:6.0.0] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.63.jar:9.0.63] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:111) ~[spring-web-
Struts 6.0.0 - jsp forward in result page
Hi, We have a scenario where one of the results of a struts action is a jsp page with a forward to another action. This works fine under 2.5.X versions. In 6.0.0 I am seeing a stackoverflowerror. After debugging it seems like the first action processes it correctly and returns the result page and the jsp forward is triggered at this point struts seems to execute the first action again rather than the action specified in the jsp forward. from web.xml struts2 *.action FORWARD REQUEST Thanks, Prasanth
Re: OGNL in struts tag
Guessing you are trying to create dynamic names for the text fields. If you
have dynamic names how are you going to get the values into your action? You
could probably have an array of text fields
where the names of text fields are like mytext[columnName1],
mytext[columnName2] etc.
You can then use a map in the action to collect the values from the jsp. In the
below example you would use a map named mycolumns.
I think Struts2 tags don't allow EL so you have to use OGNL expression to
create dynamic names.
On 2/18/20 7:09 AM, Lukasz Lenart wrote:
> wt., 18 lut 2020 o 05:22 M Huzaifah napisał(a):
>> I've looking for solution how to create struts2 tag could generate
>> dynamically. This is my code:
>>
>>
>>
>>
> You shouldn't mix Struts and non-Struts tags, this is a bad idea. Why
> don't you use here?
> https://struts.apache.org/tag-developers/iterator-tag.html
>
> And I'm not sure what do you want achieve with this strange syntax
> "name:${column.columnName}"?
>
>
> Regards
Re: Invalid Field Value when using Map
I have built a test project to just test the Map variables. In the validate method it does give a String object (for value of map). But seems like a field error is also added. If I try to use the map in validate method I would get a class cast exception, but if I don't do anything with the map values then the input page is displayed with invalid field value error. So I guess the issue is that my validate method is trying to validate the values in the map and that causes the exception, as the map has String values in it. I have to update the validation methods to check if the value is of type Double or not. Is this how it is supposed to work? I would have thought that a field error would be added and the String value would not be added to the Map as the code is expecting Doubles. Thanks, Prasanth On 6/24/19 1:42 AM, Yasser Zamani wrote: Hi, I think putting breakpoints at [1] and [2] and seeing if you reach there and what happens next can help proceeding this issue. Thanks in advance! Regards. [1] https://github.com/apache/struts/blob/651eac2c57396aa11ee65002006b3123dd69cbb4/core/src/main/java/com/opensymphony/xwork2/conversion/impl/DefaultObjectTypeDeterminer.java#L114 [2] https://github.com/apache/struts/blob/651eac2c57396aa11ee65002006b3123dd69cbb4/core/src/main/java/com/opensymphony/xwork2/interceptor/ConversionErrorInterceptor.java#L118 -Original Message- From: Prasanth Sent: Friday, June 21, 2019 6:27 PM To: user@struts.apache.org Subject: Re: Invalid Field Value when using Map Hi Yasser, The conversion error occurs when the field is not a map. I have a form with int/long fields, if the user enters non numeric value the form display error. The actions are validation aware and the control does come to validation method. It is in the validation method that I usually get exceptions as the code is expecting to have a Double but the type of the object in the map is a String. I have tried to check in the validate method if the object is of type Double and if it is not a Double add a field error. When I do that OGNL seems to have an issue when displaying the input form with the values in the map. Seems like OGNL is now expecting a Double value and is not able to handle a String object being present in the map. The JSP stops at the field which has String value. So even if I add additional validations to make sure all values in the map are Doubles it would still cause a problem as Struts would not be able to display the input form. Thanks, Prasanth On 6/21/19 1:23 AM, Yasser Zamani wrote: Oh interesting! Have you seen [1]? e.g. conversion error interceptor should be present in your interceptor stack. To debug, for example put a number field which is not a map and see if conversion error appears - I think you should also have fieldErrors tag in your jsp. It seems your action also should be ValidationAware. Put a break-point at [2] and see if your code reaches there and what happens next. Regards. [1] https://struts.apache.org/core-developers/type-conversion.html#collect ion-and-map-support [2] https://github.com/apache/struts/blob/651eac2c57396aa11ee65002006b3123 dd69cbb4/core/src/main/java/com/opensymphony/xwork2/interceptor/Conver sionErrorInterceptor.java#L116 On 6/19/2019 10:35 PM, Prasanth Pasala wrote: Hi Yasser, I think at run time you can add any type of objects you want to the map. The checks are only at compile time on the data types of objects added to Maps. Thanks, Prasanth On 6/19/19 1:29 AM, Yasser Zamani wrote: Hi Prasanth, I'm surprised how you get non digit characters in your map while both key and value are not String! Regards. -Original Message- From: Prasanth Sent: Monday, June 17, 2019 8:52 PM To: Struts Users Mailing List Subject: Invalid Field Value when using Map Hi, I have a form that uses maps to store data as shown below. When the user enters valid numbers it works as expected, but when user enters non digit characters in the text field a String object is saved in the map rather than showing a "Invalid field value for field " message which is done for basic data types like int/long/double. Is this something that struts has not implemented for maps yet, as the annotations provide the expected data type? @Element(value=java.lang.Double.class) private HashMap deferralAmountValue = new HashMap(); @Element(value=java.lang.Double.class) private HashMap deferralPercentValue = new HashMap(); Thanks, Prasanth - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org - To unsubscribe, e-mail: use
Re: Invalid Field Value when using Map
Hi Yasser, The conversion error occurs when the field is not a map. I have a form with int/long fields, if the user enters non numeric value the form display error. The actions are validation aware and the control does come to validation method. It is in the validation method that I usually get exceptions as the code is expecting to have a Double but the type of the object in the map is a String. I have tried to check in the validate method if the object is of type Double and if it is not a Double add a field error. When I do that OGNL seems to have an issue when displaying the input form with the values in the map. Seems like OGNL is now expecting a Double value and is not able to handle a String object being present in the map. The JSP stops at the field which has String value. So even if I add additional validations to make sure all values in the map are Doubles it would still cause a problem as Struts would not be able to display the input form. Thanks, Prasanth On 6/21/19 1:23 AM, Yasser Zamani wrote: Oh interesting! Have you seen [1]? e.g. conversion error interceptor should be present in your interceptor stack. To debug, for example put a number field which is not a map and see if conversion error appears - I think you should also have fieldErrors tag in your jsp. It seems your action also should be ValidationAware. Put a break-point at [2] and see if your code reaches there and what happens next. Regards. [1] https://struts.apache.org/core-developers/type-conversion.html#collection-and-map-support [2] https://github.com/apache/struts/blob/651eac2c57396aa11ee65002006b3123dd69cbb4/core/src/main/java/com/opensymphony/xwork2/interceptor/ConversionErrorInterceptor.java#L116 On 6/19/2019 10:35 PM, Prasanth Pasala wrote: Hi Yasser, I think at run time you can add any type of objects you want to the map. The checks are only at compile time on the data types of objects added to Maps. Thanks, Prasanth On 6/19/19 1:29 AM, Yasser Zamani wrote: Hi Prasanth, I'm surprised how you get non digit characters in your map while both key and value are not String! Regards. -Original Message- From: Prasanth Sent: Monday, June 17, 2019 8:52 PM To: Struts Users Mailing List Subject: Invalid Field Value when using Map Hi, I have a form that uses maps to store data as shown below. When the user enters valid numbers it works as expected, but when user enters non digit characters in the text field a String object is saved in the map rather than showing a "Invalid field value for field " message which is done for basic data types like int/long/double. Is this something that struts has not implemented for maps yet, as the annotations provide the expected data type? @Element(value=java.lang.Double.class) private HashMap deferralAmountValue = new HashMap(); @Element(value=java.lang.Double.class) private HashMap deferralPercentValue = new HashMap(); Thanks, Prasanth - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
Re: Invalid Field Value when using Map
Hi Yasser, I think at run time you can add any type of objects you want to the map. The checks are only at compile time on the data types of objects added to Maps. Thanks, Prasanth On 6/19/19 1:29 AM, Yasser Zamani wrote: Hi Prasanth, I'm surprised how you get non digit characters in your map while both key and value are not String! Regards. -Original Message- From: Prasanth Sent: Monday, June 17, 2019 8:52 PM To: Struts Users Mailing List Subject: Invalid Field Value when using Map Hi, I have a form that uses maps to store data as shown below. When the user enters valid numbers it works as expected, but when user enters non digit characters in the text field a String object is saved in the map rather than showing a "Invalid field value for field " message which is done for basic data types like int/long/double. Is this something that struts has not implemented for maps yet, as the annotations provide the expected data type? @Element(value=java.lang.Double.class) private HashMap deferralAmountValue = new HashMap(); @Element(value=java.lang.Double.class) private HashMap deferralPercentValue = new HashMap(); Thanks, Prasanth - To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
Invalid Field Value when using Map
Hi, I have a form that uses maps to store data as shown below. When the user enters valid numbers it works as expected, but when user enters non digit characters in the text field a String object is saved in the map rather than showing a "Invalid field value for field " message which is done for basic data types like int/long/double. Is this something that struts has not implemented for maps yet, as the annotations provide the expected data type? @Element(value=java.lang.Double.class) private HashMap deferralAmountValue = new HashMap(); @Element(value=java.lang.Double.class) private HashMap deferralPercentValue = new HashMap(); Thanks, Prasanth
Re: HashMap with String as key
Sorry if I caused any confusion. This thread was meant to discuss String keys. I do have forms where I am using numeric keys and they work fine. I think I found a solution to my problem. Struts seems to expect single quotes for the keys when the key is string. Updated code is shown below. Also I changed my separator to "a" rather than "-". So the two changes I have made are i) change separator to "a" ii) use single quotes around the key when specifying the name for text field. JSP: Resulting HTML: Appreciate the input from everyone. Thanks, Prasanth On 3/14/19 2:36 PM, Lukasz Lenart wrote: > czw., 14 mar 2019 o 20:11 Prasanth napisał(a): >> If there a setting for struts that need to be changed to allow non numeric >> keys? > Nothing like that, but I suggest to start over because you first > reported that you want to have a numeric key and now you say you > don't. So maybe start a new topic with an example code. > > I assume you have defined a numeric key in your Map and Struts tries > to convert "2432-123" into a number and trims after the non-numeric > character, that's why you see only "2432". > > > Regards
Re: HashMap with String as key
The text field is also correctly populated based on the values in the hashmap (populated from database before showing the form). So the filed is correctly linked to the hashmap. I have even tried using an alphabet as a separator but that doesn't work either. But if I remove the hyphen (2241923545 as key) then the hashmap is populated, but I wouldn't be able to get the two values separated out if there is no separated. I could multiply one number with million and add another number to come up with a single number, but it will eventually create a problem as these keys grow. If there a setting for struts that need to be changed to allow non numeric keys? Thanks, Prasanth On 3/13/19 5:13 PM, Prasanth wrote: > The html form generated is correctly showing the key but the hashmap doesn't > have a value for 22419-23545 when the form is submitted. > > id="AccountAllocations_accountAllocation_22419-23545_" class="inline-input" > type="text"> Thanks, Prasanth > > On 3/12/19 9:26 AM, Prasanth Pasala wrote: >> Lukasz, >> >> There is no new keys in the hash map. The hash map is not updated at all. >> Before the form is displayed to the user, the hash map is populated based on >> the data in the database. These values are >> correctly displayed to the user in the text fields. But when the form is >> submitted by the user the data doesn't get populated in the hash map. Only >> the data I have populated in the hash map is present >> (as the model class is stored in session using scope interceptor) doesn't >> matter what values I type in the text fields. >> >> Yasser, That is right the key is a string, not long. >> >> Also as I was testing this (having keys with and with out hyphen) I realized >> that any values that I have added to hash map before showing the form are >> still in the map. The new values from the form >> (keys without hyphen) got added to the hash map. I was under the impression >> that struts would set a new hash map with just the keys present in the form. >> >> Thanks, >> Prasanth >> >> On 3/12/19 4:12 AM, Yasser Zamani wrote: >>> (regarding your previous emails background) Please also consider that the >>> key 2432-123 is not further Long. It's String. >>> >>> Regards. >>> >>>> -Original Message- >>>> From: Lukasz Lenart >>>> Sent: Tuesday, March 12, 2019 10:52 AM >>>> To: Struts Users Mailing List >>>> Subject: Re: HashMap with String as key >>>> >>>> pon., 11 mar 2019 o 18:41 Prasanth napisał(a): >>>>> When you have a HashMap backed form and String as key, are there any >>>> restrictions on the characters allowed? >>>>> I have keys like "2432-123" as I have to incorporate two ids in the >>>>> key. When I have these keys the HashMap is not getting populated. If I >>>>> change >>>> it, so that there is only one id (no hyphen) then the data is getting >>>> posted as >>>> expected. >>>> >>>> I assume it's because of the "-" (minus) sign, and OGNL performs an >>>> evaluation or >>>> something. Could you check if you have key 2309 in your map as a result of >>>> distraction operation (2432-123 = 2309)? >>>> >>>> >>>> Regards >>>> -- >>>> Łukasz >>>> + 48 606 323 122 http://www.lenart.org.pl/ >>>> >>>> - >>>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >>>> For additional commands, e-mail: user-h...@struts.apache.org >>> - >>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >>> For additional commands, e-mail: user-h...@struts.apache.org >>> >
Re: HashMap with String as key
The html form generated is correctly showing the key but the hashmap doesn't have a value for 22419-23545 when the form is submitted. Thanks, Prasanth On 3/12/19 9:26 AM, Prasanth Pasala wrote: > Lukasz, > > There is no new keys in the hash map. The hash map is not updated at all. > Before the form is displayed to the user, the hash map is populated based on > the data in the database. These values are > correctly displayed to the user in the text fields. But when the form is > submitted by the user the data doesn't get populated in the hash map. Only > the data I have populated in the hash map is present > (as the model class is stored in session using scope interceptor) doesn't > matter what values I type in the text fields. > > Yasser, That is right the key is a string, not long. > > Also as I was testing this (having keys with and with out hyphen) I realized > that any values that I have added to hash map before showing the form are > still in the map. The new values from the form > (keys without hyphen) got added to the hash map. I was under the impression > that struts would set a new hash map with just the keys present in the form. > > Thanks, > Prasanth > > On 3/12/19 4:12 AM, Yasser Zamani wrote: >> (regarding your previous emails background) Please also consider that the >> key 2432-123 is not further Long. It's String. >> >> Regards. >> >>> -Original Message- >>> From: Lukasz Lenart >>> Sent: Tuesday, March 12, 2019 10:52 AM >>> To: Struts Users Mailing List >>> Subject: Re: HashMap with String as key >>> >>> pon., 11 mar 2019 o 18:41 Prasanth napisał(a): >>>> When you have a HashMap backed form and String as key, are there any >>> restrictions on the characters allowed? >>>> I have keys like "2432-123" as I have to incorporate two ids in the >>>> key. When I have these keys the HashMap is not getting populated. If I >>>> change >>> it, so that there is only one id (no hyphen) then the data is getting >>> posted as >>> expected. >>> >>> I assume it's because of the "-" (minus) sign, and OGNL performs an >>> evaluation or >>> something. Could you check if you have key 2309 in your map as a result of >>> distraction operation (2432-123 = 2309)? >>> >>> >>> Regards >>> -- >>> Łukasz >>> + 48 606 323 122 http://www.lenart.org.pl/ >>> >>> - >>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >>> For additional commands, e-mail: user-h...@struts.apache.org >> - >> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >> For additional commands, e-mail: user-h...@struts.apache.org >> >
Re: HashMap with String as key
Lukasz, There is no new keys in the hash map. The hash map is not updated at all. Before the form is displayed to the user, the hash map is populated based on the data in the database. These values are correctly displayed to the user in the text fields. But when the form is submitted by the user the data doesn't get populated in the hash map. Only the data I have populated in the hash map is present (as the model class is stored in session using scope interceptor) doesn't matter what values I type in the text fields. Yasser, That is right the key is a string, not long. Also as I was testing this (having keys with and with out hyphen) I realized that any values that I have added to hash map before showing the form are still in the map. The new values from the form (keys without hyphen) got added to the hash map. I was under the impression that struts would set a new hash map with just the keys present in the form. Thanks, Prasanth On 3/12/19 4:12 AM, Yasser Zamani wrote: > (regarding your previous emails background) Please also consider that the key > 2432-123 is not further Long. It's String. > > Regards. > >> -Original Message- >> From: Lukasz Lenart >> Sent: Tuesday, March 12, 2019 10:52 AM >> To: Struts Users Mailing List >> Subject: Re: HashMap with String as key >> >> pon., 11 mar 2019 o 18:41 Prasanth napisał(a): >>> When you have a HashMap backed form and String as key, are there any >> restrictions on the characters allowed? >>> I have keys like "2432-123" as I have to incorporate two ids in the >>> key. When I have these keys the HashMap is not getting populated. If I >>> change >> it, so that there is only one id (no hyphen) then the data is getting posted >> as >> expected. >> >> I assume it's because of the "-" (minus) sign, and OGNL performs an >> evaluation or >> something. Could you check if you have key 2309 in your map as a result of >> distraction operation (2432-123 = 2309)? >> >> >> Regards >> -- >> Łukasz >> + 48 606 323 122 http://www.lenart.org.pl/ >> >> - >> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >> For additional commands, e-mail: user-h...@struts.apache.org > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
HashMap with String as key
Hi, When you have a HashMap backed form and String as key, are there any restrictions on the characters allowed? I have keys like "2432-123" as I have to incorporate two ids in the key. When I have these keys the HashMap is not getting populated. If I change it, so that there is only one id (no hyphen) then the data is getting posted as expected. Thanks, Prasanth
Re: Map backed form
Thank you Yasser. Changed the name of the properties file to use the model
class name, it is in same package as the action so no change in location. But
no success.
After reading the link you sent, the text in the properties file should be
Key_xxx & Element_xxx as you said before and should not be KeyProperty (this is
for lists to identify the id inside the
element itself).
I have now tried the @Element on the variable rather than @TypeConversion which
has to be used on setXXX method. This is working now as expected. Not sure why
properties file or @TypeConversion did
not work.
https://struts.apache.org/core-developers/element-annotation.html
Thanks for all your help.
Thanks,
Prasanth
On 3/7/19 3:57 AM, Yasser Zamani wrote:
> Hi Prasanth,
>
> I searched and saw it is some different for ModelDriven [1].
>
> Regards.
>
> [1]
> https://struts.apache.org/core-developers/type-conversion.html#applying-a-type-converter-to-a-bean-or-model
> (Applying a Type Converter to a bean or model)
>
> On 3/6/2019 7:36 PM, Prasanth wrote:
>> I have created the below in CompDeferralAction-conversion.properties (action
>> class is CompDeferralAction). The variable name is deferralCode. But still
>> struts is populating the value as Long rather
>> than Integer. Am I missing anything here?
>> This action is ModelDriven so the deferralCode variable is in a different
>> class.
>>
>> Looking at the documentation seems like it should be KeyProperty, so I named
>> it as such.
>> KeyProperty_deferralCode=java.lang.Long
>> Element_deferralCode=java.lang.Interger
>>
>> I have also tried the annotations
>>
>> @TypeConversion(rule=ConversionRule.MAP, key="java.lang.Long",
>> value="java.lang.Integer")
>> public void setDeferralCode(HashMap deferralCode) {
>> this.deferralCode = deferralCode;
>> }
>>
>> Thanks,
>> Prasanth
>>
>> On 2/16/19 3:20 AM, Yasser Zamani wrote:
>>> I think a file named yourActionClass-conversion.properties beside your
>>> action with following contents should help [1]:
>>>
>>> Key_xxx=java.lang.Long
>>> Element_xxx=java.lang.Double
>>>
>>> (where xxx is the field name of the collection property in your action or
>>> object)
>>>
>>> Regards.
>>>
>>> [1]
>>> https://struts.apache.org/core-developers/type-conversion.html#collection-and-map-support
>>>
>>>> -Original Message-
>>>> From: Prasanth
>>>> Sent: Friday, February 15, 2019 9:08 PM
>>>> To: user@struts.apache.org
>>>> Subject: Re: Map backed form
>>>>
>>>> Does struts follow a specific logic as to what the data type of the object
>>>> would be
>>>> based on user input? Meaning when is it converted to a Double vs Integer vs
>>>> String?
>>>>
>>>> Thanks,
>>>> Prasanth
>>>>
>>>> On 2/15/19 7:45 AM, Lukasz Lenart wrote:
>>>>> pt., 15 lut 2019 o 00:17 Prasanth napisał(a):
>>>>>> I have a map (Map) but based on the data entered by the
>>>>>> user the value in the Map is Double or String. Example if the user
>>>>>> enters a
>>>> value of 10 then it is coming in as double but if the user enters 10.5
>>>> then a string
>>>> is present in the value. Does Struts2 look at the data types of the key
>>>> and value of
>>>> the map and set the key and values in the map accordingly?
>>>>> Struts is not a problem here, generic types are erased at runtime, so
>>>>> basically this a Map at the end
>>>>> https://docs.oracle.com/javase/tutorial/java/generics/erasure.html
>>>>>
>>>>>> If not, what is the best practice for the declaration of Map, is there a
>>>>>> way to
>>>> force Struts2 to only have Double objects as values?
>>>>> I would probably use a custom type instead of Double and implement
>>>>> converter for it, or even replace the Map with a List of custom
>>>>> objects.
>>>>>
>>>>>
>>>>> Regards
>>> -
>>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>>> For additional commands, e-mail: user-h...@struts.apache.org
>>>
>>
> -
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
>
Re: Map backed form
I have created the below in CompDeferralAction-conversion.properties (action
class is CompDeferralAction). The variable name is deferralCode. But still
struts is populating the value as Long rather
than Integer. Am I missing anything here?
This action is ModelDriven so the deferralCode variable is in a different class.
Looking at the documentation seems like it should be KeyProperty, so I named it
as such.
KeyProperty_deferralCode=java.lang.Long
Element_deferralCode=java.lang.Interger
I have also tried the annotations
@TypeConversion(rule=ConversionRule.MAP, key="java.lang.Long",
value="java.lang.Integer")
public void setDeferralCode(HashMap deferralCode) {
this.deferralCode = deferralCode;
}
Thanks,
Prasanth
On 2/16/19 3:20 AM, Yasser Zamani wrote:
> I think a file named yourActionClass-conversion.properties beside your action
> with following contents should help [1]:
>
> Key_xxx=java.lang.Long
> Element_xxx=java.lang.Double
>
> (where xxx is the field name of the collection property in your action or
> object)
>
> Regards.
>
> [1]
> https://struts.apache.org/core-developers/type-conversion.html#collection-and-map-support
>
>> -Original Message-
>> From: Prasanth
>> Sent: Friday, February 15, 2019 9:08 PM
>> To: user@struts.apache.org
>> Subject: Re: Map backed form
>>
>> Does struts follow a specific logic as to what the data type of the object
>> would be
>> based on user input? Meaning when is it converted to a Double vs Integer vs
>> String?
>>
>> Thanks,
>> Prasanth
>>
>> On 2/15/19 7:45 AM, Lukasz Lenart wrote:
>>> pt., 15 lut 2019 o 00:17 Prasanth napisał(a):
>>>> I have a map (Map) but based on the data entered by the
>>>> user the value in the Map is Double or String. Example if the user enters a
>> value of 10 then it is coming in as double but if the user enters 10.5 then
>> a string
>> is present in the value. Does Struts2 look at the data types of the key and
>> value of
>> the map and set the key and values in the map accordingly?
>>> Struts is not a problem here, generic types are erased at runtime, so
>>> basically this a Map at the end
>>> https://docs.oracle.com/javase/tutorial/java/generics/erasure.html
>>>
>>>> If not, what is the best practice for the declaration of Map, is there a
>>>> way to
>> force Struts2 to only have Double objects as values?
>>> I would probably use a custom type instead of Double and implement
>>> converter for it, or even replace the Map with a List of custom
>>> objects.
>>>
>>>
>>> Regards
>
> -
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
>
Re: Map backed form
Thank you Yasser. I will try that. On 2/16/19 3:20 AM, Yasser Zamani wrote: > I think a file named yourActionClass-conversion.properties beside your action > with following contents should help [1]: > > Key_xxx=java.lang.Long > Element_xxx=java.lang.Double > > (where xxx is the field name of the collection property in your action or > object) > > Regards. > > [1] > https://struts.apache.org/core-developers/type-conversion.html#collection-and-map-support > >> -Original Message- >> From: Prasanth >> Sent: Friday, February 15, 2019 9:08 PM >> To: user@struts.apache.org >> Subject: Re: Map backed form >> >> Does struts follow a specific logic as to what the data type of the object >> would be >> based on user input? Meaning when is it converted to a Double vs Integer vs >> String? >> >> Thanks, >> Prasanth >> >> On 2/15/19 7:45 AM, Lukasz Lenart wrote: >>> pt., 15 lut 2019 o 00:17 Prasanth napisał(a): >>>> I have a map (Map) but based on the data entered by the >>>> user the value in the Map is Double or String. Example if the user enters a >> value of 10 then it is coming in as double but if the user enters 10.5 then >> a string >> is present in the value. Does Struts2 look at the data types of the key and >> value of >> the map and set the key and values in the map accordingly? >>> Struts is not a problem here, generic types are erased at runtime, so >>> basically this a Map at the end >>> https://docs.oracle.com/javase/tutorial/java/generics/erasure.html >>> >>>> If not, what is the best practice for the declaration of Map, is there a >>>> way to >> force Struts2 to only have Double objects as values? >>> I would probably use a custom type instead of Double and implement >>> converter for it, or even replace the Map with a List of custom >>> objects. >>> >>> >>> Regards > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Map backed form
Does struts follow a specific logic as to what the data type of the object would be based on user input? Meaning when is it converted to a Double vs Integer vs String? Thanks, Prasanth On 2/15/19 7:45 AM, Lukasz Lenart wrote: > pt., 15 lut 2019 o 00:17 Prasanth napisał(a): >> I have a map (Map) but based on the data entered by the user >> the value in the Map is Double or String. Example if the user enters a value >> of 10 then it is coming in as double but if the >> user enters 10.5 then a string is present in the value. Does Struts2 look at >> the data types of the key and value of the map and set the key and values in >> the map accordingly? > Struts is not a problem here, generic types are erased at runtime, so > basically this a Map at the end > https://docs.oracle.com/javase/tutorial/java/generics/erasure.html > >> If not, what is the best practice for the declaration of Map, is there a way >> to force Struts2 to only have Double objects as values? > I would probably use a custom type instead of Double and implement > converter for it, or even replace the Map with a List of custom > objects. > > > Regards
Array of submit buttons
Hi, I have a form with tabular data and need to have delete buttons for each row. So have a ArrayList in the action and the form has inside an iterator. When the user clicks on the Delete button the ArrayList was not populated. So changed the ArrayList to a Map. Interestingly the map is populated but the value in the map is a String array, rather than a single String, with one element having string Delete. Do s:submit work differently from s:textfield when it comes to saving data to ArrayList or Map? Thanks, Prasanth
Map backed form
Hi, I have a map (Map) but based on the data entered by the user the value in the Map is Double or String. Example if the user enters a value of 10 then it is coming in as double but if the user enters 10.5 then a string is present in the value. Does Struts2 look at the data types of the key and value of the map and set the key and values in the map accordingly? If not, what is the best practice for the declaration of Map, is there a way to force Struts2 to only have Double objects as values? Thanks, Prasanth
Re: Struts2 Checkboxlist
I think the issue I am having is due to the theme, I had old checkboxlist.ftl
code. Once it is updated to the latest code it is working well. The only change
I make in it is show each checkbox in a
separate line.
Appreciate all the help.
Thanks,
Prasanth
On 2/6/19 9:31 AM, Prasanth Pasala wrote:
> So there is no need to add MultiselectInterceptor in the action definition?
>
> Below is the checkboxlist in the jsp. accountNames map is in the account to
> provide the list values and names.
>
> listValue="%{value}" theme="tpg" >
>
> Thanks,
> Prasanth
>
> On 2/6/19 8:53 AM, Yasser Zamani wrote:
>> Ach! Sorry, you're right. For checkbox list it's MultiselectInterceptor
>> class which handles this and here it works with following config:
>>
>> List selectedLongs= new ArrayList<>();
>> public List getLongs(){
>> List longs= new ArrayList<>();
>> longs.add(0L);
>> longs.add(1L);
>> return longs;
>> }
>> public void setSelectedLongs(List selectedLongs){
>> this.selectedLongs = selectedLongs;
>> }
>> public List getSelectedLongs(){
>> return selectedLongs;
>> }
>>
>> > tooltip="longs test"
>> label="Longs Test"
>> list="longs"
>> name="selectedLongs"
>> value="selectedLongs"/>
>>
>> > class="org.apache.struts2.showcase.UITagExample" method="doSubmit">
>> /WEB-INF/tags/ui/exampleSubmited.jsp
>> /WEB-INF/tags/ui/example.jsp
>>
>>
>>
>> When I post an empty form, MultiselectInterceptor adds an empty string for
>> selectedLongs http param, then Struts internal conversion converts it to an
>> empty instance of List, then setSelectedLongs will be called here with
>> it.
>>
>> Regards.
>>
>>> -Original Message-
>>> From: Prasanth Pasala
>>> Sent: Wednesday, February 6, 2019 12:30 AM
>>> To: user@struts.apache.org
>>> Subject: Re: Struts2 Checkboxlist
>>>
>>> Hi Yasser,
>>>
>>> Even after having the param the ArrayList was not populated with -1
>>> for
>>> unchecked checkboxes. The ArrayList is in form. The set method in the
>>> form is not getting called when I don't check any of the checkboxes. I am
>>> using a
>>> checkboxlist rather than individual checkboxes.
>>>
>>>
>>>
>>> form
>>>
>>>
>>> -1
>>>
>>>
>>>
>>> Thanks,
>>> Prasanth
>>>
>>> On 2/5/19 5:43 AM, Yasser Zamani wrote:
>>>> Hi Prasanth,
>>>>
>>>> Yes, I think. Now I can recall a long discussion about this at [1]. i.e.
>>>> you also can
>>> keep array list of long but override the interceptor like below [2]:
>>>> >>> class="com.afs.ListConverterTestAction">
>>>>
>>>> -1
>>>>
>>>>
>>>> Kind Regards.
>>>>
>>>> [1] https://github.com/apache/struts/pull/169
>>>> [2] https://github.com/apache/struts/pull/169#issuecomment-352999309
>>>>
>>>>
>>>>> -Original Message-
>>>>> From: Prasanth Pasala
>>>>> Sent: Tuesday, February 5, 2019 3:26 AM
>>>>> To: user@struts.apache.org
>>>>> Subject: Re: Struts2 Checkboxlist
>>>>>
>>>>> I am using the defaultStack but the ArrayList used for the checkboxes
>>>>> is of type Long. If we change it to ArrayList of Boolean would the
>>>>> interceptor set the values to false? Or is this only applicable if
>>>>> you have individual checkboxes rather than checkboxlist?
>>>>>
>>>>> Thanks,
>>>>> Prasanth
>>>>>
>>>>> On 2/4/19 4:29 PM, Paul Zepernick wrote:
>>>>>> Yes, setFoo is only called if the checkbox is checked. However,
>>>>>> Struts 2 does have a checkbox interceptor:
>>>>>> https://struts.apache.org/core-de
Re: Struts2 Checkboxlist
So there is no need to add MultiselectInterceptor in the action definition?
Below is the checkboxlist in the jsp. accountNames map is in the account to
provide the list values and names.
Thanks,
Prasanth
On 2/6/19 8:53 AM, Yasser Zamani wrote:
> Ach! Sorry, you're right. For checkbox list it's MultiselectInterceptor class
> which handles this and here it works with following config:
>
> List selectedLongs= new ArrayList<>();
> public List getLongs(){
> List longs= new ArrayList<>();
> longs.add(0L);
> longs.add(1L);
> return longs;
> }
> public void setSelectedLongs(List selectedLongs){
> this.selectedLongs = selectedLongs;
> }
> public List getSelectedLongs(){
> return selectedLongs;
> }
>
> tooltip="longs test"
> label="Longs Test"
> list="longs"
> name="selectedLongs"
> value="selectedLongs"/>
>
> class="org.apache.struts2.showcase.UITagExample" method="doSubmit">
> /WEB-INF/tags/ui/exampleSubmited.jsp
> /WEB-INF/tags/ui/example.jsp
>
>
>
> When I post an empty form, MultiselectInterceptor adds an empty string for
> selectedLongs http param, then Struts internal conversion converts it to an
> empty instance of List, then setSelectedLongs will be called here with
> it.
>
> Regards.
>
>> -Original Message-
>> From: Prasanth Pasala
>> Sent: Wednesday, February 6, 2019 12:30 AM
>> To: user@struts.apache.org
>> Subject: Re: Struts2 Checkboxlist
>>
>> Hi Yasser,
>>
>> Even after having the param the ArrayList was not populated with -1 for
>> unchecked checkboxes. The ArrayList is in form. The set method in the
>> form is not getting called when I don't check any of the checkboxes. I am
>> using a
>> checkboxlist rather than individual checkboxes.
>>
>>
>>
>> form
>>
>>
>> -1
>>
>>
>>
>> Thanks,
>> Prasanth
>>
>> On 2/5/19 5:43 AM, Yasser Zamani wrote:
>>> Hi Prasanth,
>>>
>>> Yes, I think. Now I can recall a long discussion about this at [1]. i.e.
>>> you also can
>> keep array list of long but override the interceptor like below [2]:
>>> >> class="com.afs.ListConverterTestAction">
>>>
>>> -1
>>>
>>>
>>> Kind Regards.
>>>
>>> [1] https://github.com/apache/struts/pull/169
>>> [2] https://github.com/apache/struts/pull/169#issuecomment-352999309
>>>
>>>
>>>> -Original Message-
>>>> From: Prasanth Pasala
>>>> Sent: Tuesday, February 5, 2019 3:26 AM
>>>> To: user@struts.apache.org
>>>> Subject: Re: Struts2 Checkboxlist
>>>>
>>>> I am using the defaultStack but the ArrayList used for the checkboxes
>>>> is of type Long. If we change it to ArrayList of Boolean would the
>>>> interceptor set the values to false? Or is this only applicable if
>>>> you have individual checkboxes rather than checkboxlist?
>>>>
>>>> Thanks,
>>>> Prasanth
>>>>
>>>> On 2/4/19 4:29 PM, Paul Zepernick wrote:
>>>>> Yes, setFoo is only called if the checkbox is checked. However,
>>>>> Struts 2 does have a checkbox interceptor:
>>>>> https://struts.apache.org/core-developers/checkbox-interceptor.html
>>>>>
>>>>> This interceptor defaults checkbox Boolean's to False if the box is not
>> checked.
>>>> This is part of the default interceptor stack.
>>>>> Paul
>>>>>
>>>>> -Original Message-----
>>>>> From: Prasanth Pasala
>>>>> Sent: Monday, February 4, 2019 5:21 PM
>>>>> To: user@struts.apache.org
>>>>> Subject: Re: Struts2 Checkboxlist
>>>>>
>>>>> NOTICE: This email originated from outside of the organization. Do
>>>>> not click
>>>> links or open attachments unless you recognize the sender and know
>>>> the content is safe.
>>>>>
Re: Struts2 Checkboxlist
Hi Yasser, Even after having the param the ArrayList was not populated with -1 for unchecked checkboxes. The ArrayList is in form. The set method in the form is not getting called when I don't check any of the checkboxes. I am using a checkboxlist rather than individual checkboxes. form -1 Thanks, Prasanth On 2/5/19 5:43 AM, Yasser Zamani wrote: > Hi Prasanth, > > Yes, I think. Now I can recall a long discussion about this at [1]. i.e. you > also can keep array list of long but override the interceptor like below [2]: > > > > -1 > > > Kind Regards. > > [1] https://github.com/apache/struts/pull/169 > [2] https://github.com/apache/struts/pull/169#issuecomment-352999309 > > >> -Original Message- >> From: Prasanth Pasala >> Sent: Tuesday, February 5, 2019 3:26 AM >> To: user@struts.apache.org >> Subject: Re: Struts2 Checkboxlist >> >> I am using the defaultStack but the ArrayList used for the checkboxes is of >> type >> Long. If we change it to ArrayList of Boolean would the interceptor set the >> values >> to false? Or is this only applicable if you have individual checkboxes >> rather than >> checkboxlist? >> >> Thanks, >> Prasanth >> >> On 2/4/19 4:29 PM, Paul Zepernick wrote: >>> Yes, setFoo is only called if the checkbox is checked. However, >>> Struts 2 does have a checkbox interceptor: >>> https://struts.apache.org/core-developers/checkbox-interceptor.html >>> >>> This interceptor defaults checkbox Boolean's to False if the box is not >>> checked. >> This is part of the default interceptor stack. >>> Paul >>> >>> -Original Message- >>> From: Prasanth Pasala >>> Sent: Monday, February 4, 2019 5:21 PM >>> To: user@struts.apache.org >>> Subject: Re: Struts2 Checkboxlist >>> >>> NOTICE: This email originated from outside of the organization. Do not click >> links or open attachments unless you recognize the sender and know the >> content >> is safe. >>> Is that how Struts2 is expected to work? Meaning setFoo would not be called >>> if >> non of the Foo checkboxes are selected? I know that is how Struts1 worked. >>> Thanks, >>> Prasanth >>> >>> On 2/2/19 7:08 PM, Prasanth Pasala wrote: >>>> Hi Yasser, >>>> >>>> When none of the checkboxes is selected the setFoo is not getting called. >>>> >>>> Thanks >>>> Prasanth >>>> >>>> On February 2, 2019 8:02:07 AM CST, Yasser Zamani >> wrote: >>>>> Hi Prasanth, >>>>> >>>>> AFAIK this tag is like this: >>>>> >>>>> >>>>> >>>>> It calls getBar method of your action or finds bar in value stack to >>>>> find out what to display. Same for baz to find out which to be >>>>> selected. Then it calls yourAction.setFoo to post selected items. i.e. >>>>> it is up to you what you do with it in setFoo method. Normally you >>>>> should clear baz and fill it with them again to update selected items. >>>>> >>>>> Thanks for using Struts! >>>>> >>>>> Kind Regards. >>>>> >>>>>> -Original Message- >>>>>> From: Prasanth >>>>>> Sent: Saturday, February 2, 2019 1:08 AM >>>>>> To: user@struts.apache.org >>>>>> Subject: Struts2 Checkboxlist >>>>>> >>>>>> Hi, >>>>>> >>>>>> I am using a checkboxlist on a jsp page which corresponds to a >>>>> ArrayList in the >>>>>> form class, which is used to store form data from a multi page wizard. >>>>> I am using >>>>>> scope interceptor to store the form class in session so that the >>>>>> data >>>>> persists as >>>>>> the user navigates the wizard. When the user selects some check >>>>>> boxes >>>>> it is >>>>>> correctly populated in the form class but if the user navigates >>>>>> back >>>>> in the wizard >>>>>> and unchecks the check box (non of the check boxes selected) struts >>>>> doesn't set >>>>>> the ArrayList to empty. It will still contain the old selection. >>>>
Re: Struts2 Checkboxlist
I am using the defaultStack but the ArrayList used for the checkboxes is of type Long. If we change it to ArrayList of Boolean would the interceptor set the values to false? Or is this only applicable if you have individual checkboxes rather than checkboxlist? Thanks, Prasanth On 2/4/19 4:29 PM, Paul Zepernick wrote: > Yes, setFoo is only called if the checkbox is checked. However, Struts 2 > does have a checkbox interceptor: > https://struts.apache.org/core-developers/checkbox-interceptor.html > > This interceptor defaults checkbox Boolean's to False if the box is not > checked. This is part of the default interceptor stack. > > Paul > > -Original Message- > From: Prasanth Pasala > Sent: Monday, February 4, 2019 5:21 PM > To: user@struts.apache.org > Subject: Re: Struts2 Checkboxlist > > NOTICE: This email originated from outside of the organization. Do not click > links or open attachments unless you recognize the sender and know the > content is safe. > > Is that how Struts2 is expected to work? Meaning setFoo would not be called > if non of the Foo checkboxes are selected? I know that is how Struts1 worked. > > Thanks, > Prasanth > > On 2/2/19 7:08 PM, Prasanth Pasala wrote: >> Hi Yasser, >> >> When none of the checkboxes is selected the setFoo is not getting called. >> >> Thanks >> Prasanth >> >> On February 2, 2019 8:02:07 AM CST, Yasser Zamani >> wrote: >>> Hi Prasanth, >>> >>> AFAIK this tag is like this: >>> >>> >>> >>> It calls getBar method of your action or finds bar in value stack to >>> find out what to display. Same for baz to find out which to be >>> selected. Then it calls yourAction.setFoo to post selected items. i.e. >>> it is up to you what you do with it in setFoo method. Normally you >>> should clear baz and fill it with them again to update selected items. >>> >>> Thanks for using Struts! >>> >>> Kind Regards. >>> >>>> -Original Message- >>>> From: Prasanth >>>> Sent: Saturday, February 2, 2019 1:08 AM >>>> To: user@struts.apache.org >>>> Subject: Struts2 Checkboxlist >>>> >>>> Hi, >>>> >>>> I am using a checkboxlist on a jsp page which corresponds to a >>> ArrayList in the >>>> form class, which is used to store form data from a multi page wizard. >>> I am using >>>> scope interceptor to store the form class in session so that the >>>> data >>> persists as >>>> the user navigates the wizard. When the user selects some check >>>> boxes >>> it is >>>> correctly populated in the form class but if the user navigates back >>> in the wizard >>>> and unchecks the check box (non of the check boxes selected) struts >>> doesn't set >>>> the ArrayList to empty. It will still contain the old selection. >>>> What >>> is the best way >>>> to solve this issue? >>>> >>>> My Options: >>>> 1. Should I use Preparable and set this ArrayList to empty? Since >>>> this >>> is a wizard >>>> (multiple pages submitting to the same action) have to make sure it >>>> is >>> done only >>>> when submitting the page that have these checkboxes. >>>> 2. Create two separate ArrayLists, one to get values from Struts and >>> another to >>>> save the original selection and clear the first array list. Down >>>> side >>> is I need to >>>> populate the list linked to the form when user navigates back to >>>> that >>> page. >>>> Neither of them seem elegant. Is there a way to make struts set the >>> ArrayList to >>>> empty when user doesn't select any check box? >>>> >>>> Using Struts 2.3.35 >>>> >>>> Thanks, >>>> Prasanth >>> - >>> To unsubscribe, e-m > Disclaimer: This communication and any files transmitted with it may contain > information that is privileged, confidential and/or exempt from disclosure > under applicable law. If you are not the intended recipient, you are hereby > notified that any disclosure, copying, distribution, or use of the > information contained herein (including any reliance thereon) is strictly > prohibited. If you received this communication in error, please immediately > contact the sender and destroy the material in its entirety, whether in > electronic or hard copy format. Thank you. > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 Checkboxlist
Is that how Struts2 is expected to work? Meaning setFoo would not be called if non of the Foo checkboxes are selected? I know that is how Struts1 worked. Thanks, Prasanth On 2/2/19 7:08 PM, Prasanth Pasala wrote: > Hi Yasser, > > When none of the checkboxes is selected the setFoo is not getting called. > > Thanks > Prasanth > > On February 2, 2019 8:02:07 AM CST, Yasser Zamani > wrote: >> Hi Prasanth, >> >> AFAIK this tag is like this: >> >> >> >> It calls getBar method of your action or finds bar in value stack to >> find out what to display. Same for baz to find out which to be >> selected. Then it calls yourAction.setFoo to post selected items. i.e. >> it is up to you what you do with it in setFoo method. Normally you >> should clear baz and fill it with them again to update selected items. >> >> Thanks for using Struts! >> >> Kind Regards. >> >>> -Original Message- >>> From: Prasanth >>> Sent: Saturday, February 2, 2019 1:08 AM >>> To: user@struts.apache.org >>> Subject: Struts2 Checkboxlist >>> >>> Hi, >>> >>> I am using a checkboxlist on a jsp page which corresponds to a >> ArrayList in the >>> form class, which is used to store form data from a multi page wizard. >> I am using >>> scope interceptor to store the form class in session so that the data >> persists as >>> the user navigates the wizard. When the user selects some check boxes >> it is >>> correctly populated in the form class but if the user navigates back >> in the wizard >>> and unchecks the check box (non of the check boxes selected) struts >> doesn't set >>> the ArrayList to empty. It will still contain the old selection. What >> is the best way >>> to solve this issue? >>> >>> My Options: >>> 1. Should I use Preparable and set this ArrayList to empty? Since this >> is a wizard >>> (multiple pages submitting to the same action) have to make sure it is >> done only >>> when submitting the page that have these checkboxes. >>> 2. Create two separate ArrayLists, one to get values from Struts and >> another to >>> save the original selection and clear the first array list. Down side >> is I need to >>> populate the list linked to the form when user navigates back to that >> page. >>> Neither of them seem elegant. Is there a way to make struts set the >> ArrayList to >>> empty when user doesn't select any check box? >>> >>> Using Struts 2.3.35 >>> >>> Thanks, >>> Prasanth >> - >> To unsubscribe, e-m
RE: Struts2 Checkboxlist
Hi Yasser, When none of the checkboxes is selected the setFoo is not getting called. Thanks Prasanth On February 2, 2019 8:02:07 AM CST, Yasser Zamani wrote: >Hi Prasanth, > >AFAIK this tag is like this: > > > >It calls getBar method of your action or finds bar in value stack to >find out what to display. Same for baz to find out which to be >selected. Then it calls yourAction.setFoo to post selected items. i.e. >it is up to you what you do with it in setFoo method. Normally you >should clear baz and fill it with them again to update selected items. > >Thanks for using Struts! > >Kind Regards. > >>-Original Message- >>From: Prasanth >>Sent: Saturday, February 2, 2019 1:08 AM >>To: user@struts.apache.org >>Subject: Struts2 Checkboxlist >> >>Hi, >> >>I am using a checkboxlist on a jsp page which corresponds to a >ArrayList in the >>form class, which is used to store form data from a multi page wizard. >I am using >>scope interceptor to store the form class in session so that the data >persists as >>the user navigates the wizard. When the user selects some check boxes >it is >>correctly populated in the form class but if the user navigates back >in the wizard >>and unchecks the check box (non of the check boxes selected) struts >doesn't set >>the ArrayList to empty. It will still contain the old selection. What >is the best way >>to solve this issue? >> >>My Options: >>1. Should I use Preparable and set this ArrayList to empty? Since this >is a wizard >>(multiple pages submitting to the same action) have to make sure it is >done only >>when submitting the page that have these checkboxes. >>2. Create two separate ArrayLists, one to get values from Struts and >another to >>save the original selection and clear the first array list. Down side >is I need to >>populate the list linked to the form when user navigates back to that >page. >> >>Neither of them seem elegant. Is there a way to make struts set the >ArrayList to >>empty when user doesn't select any check box? >> >>Using Struts 2.3.35 >> >>Thanks, >>Prasanth > >- >To unsubscribe, e-m -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: Struts2 Checkboxlist
The data class holding the array is in session, done using the scope interceptor. Thanks Prasanth On February 1, 2019 9:30:30 PM CST, Arjuna Bandara wrote: >Hi, > >As I understand, you need to modify previous Array before saving. > >Have you tried Session variable ? > >Regards > >Arjuna > >On Sat, 2 Feb 2019 3:18 am Prasanth, wrote: > >> Hi, >> >> I am using a checkboxlist on a jsp page which corresponds to a >ArrayList >> in the form class, which is used to store form data from a multi page >> wizard. I am using scope interceptor to store the form >> class in session so that the data persists as the user navigates the >> wizard. When the user selects some check boxes it is correctly >populated in >> the form class but if the user navigates back in the >> wizard and unchecks the check box (non of the check boxes selected) >struts >> doesn't set the ArrayList to empty. It will still contain the old >> selection. What is the best way to solve this issue? >> >> My Options: >> 1. Should I use Preparable and set this ArrayList to empty? Since >this is >> a wizard (multiple pages submitting to the same action) have to make >sure >> it is done only when submitting the page that have >> these checkboxes. >> 2. Create two separate ArrayLists, one to get values from Struts and >> another to save the original selection and clear the first array >list. Down >> side is I need to populate the list linked to the form >> when user navigates back to that page. >> >> Neither of them seem elegant. Is there a way to make struts set the >> ArrayList to empty when user doesn't select any check box? >> >> Using Struts 2.3.35 >> >> Thanks, >> Prasanth >>
Struts2 Checkboxlist
Hi, I am using a checkboxlist on a jsp page which corresponds to a ArrayList in the form class, which is used to store form data from a multi page wizard. I am using scope interceptor to store the form class in session so that the data persists as the user navigates the wizard. When the user selects some check boxes it is correctly populated in the form class but if the user navigates back in the wizard and unchecks the check box (non of the check boxes selected) struts doesn't set the ArrayList to empty. It will still contain the old selection. What is the best way to solve this issue? My Options: 1. Should I use Preparable and set this ArrayList to empty? Since this is a wizard (multiple pages submitting to the same action) have to make sure it is done only when submitting the page that have these checkboxes. 2. Create two separate ArrayLists, one to get values from Struts and another to save the original selection and clear the first array list. Down side is I need to populate the list linked to the form when user navigates back to that page. Neither of them seem elegant. Is there a way to make struts set the ArrayList to empty when user doesn't select any check box? Using Struts 2.3.35 Thanks, Prasanth
Re: A book of Struts
Would be good to include a chapter on how to implement a multi form wizard. Thanks, Prasanth On 10/17/18 9:11 PM, sharmila thota wrote: > Probably Problems and solutions section > > Thanks > Sharmila > > Sent from my iPhone > >> On Oct 17, 2018, at 3:38 AM, Lukasz Lenart wrote: >> >> Hi everyone, >> >> I would like to (finally ;-) write a book about the latest version of >> the Apache Struts, probably targeting Struts 2.6. I wonder what kind >> of book this should be: >> - an introduction from zero to a full blown app >> - a 101 good practices/examples >> - any other idea >> >> I hope you will give me some positive feedback to start working on this task >> :) >> >> >> Kind regards >> -- >> Łukasz >> + 48 606 323 122 http://www.lenart.org.pl/ >> >> - >> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >> For additional commands, e-mail: user-h...@struts.apache.org >> > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > >
Re: Struts2 login action class seems to be reused
The forward happens only to LoginAction. In some cases a PostBack will work but in cases where we have given the end user a choice of applications PostBack will not work as browser has to post back the 1st request information rather than the second request information. Agree I guess we have to make sure we don't have any get methods in the second application LoginAction to avoid similar issues. We have removed the getUsername, getPassword, getAction methods which has stopped the issue of having login credentials in the LoginAction when those are not submitted by user. Now I have removed the setRequest method (not getRequest) and that seems to solve the session invalid exception. May be I can remove the getRequest also as this is not really needed. We have one more get method getMessage this is used to display error messages on login page, which we probably need to keep but should not cause any issues as this data does not change site behavior but I might set this to empty at the start of execute (effectively clearing, if this is set from old action). Thanks, Prasanth On 05/17/2018 06:11 AM, Yasser Zamani wrote: > > On 5/16/2018 11:51 PM, Prasanth wrote: >> Would struts2 call this setRequest method even if the class is implementing >> just ServletRequestAware? > No. Additionally Struts RequestAware method signature is > setRequest(Map<String,Object> request); i.e. it's parameter is Map not > ServletRequest. > >> Any insights as to why this additional setRequest method causes the problem? > Yes. It's same as your issue with username/password copy from previous > action. Your previous action is in value stack (I don't know why! see > [1]) ChainingInterceptor thinks it's a chain result, so, calls > getRequest on previous action and then calls setRequest on your current > action with returned value (i.e. copies this value from previous action > and overrides your private request field inside your action). > > You can fix this also by removing getRequest method which disables > ChainingInterceptor to copies this. > > But you may encounter several same issues when you have both setX and > getX methods on your actions. > > [1] So, as I mentioned before, could you please rewrite all of your > FORWARDs with Struts ServletRedirect or PostBack results (also revert > back all removed getter methods)? this shows us if FORWARDs are root > cause of these issues or not. Then we can investigate more on other > possible causes. > > Regards. > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
Another update, the LoginAction in Context2 had the below methods, two methods
to set the request. May be I have done RequestAware and then realized it should
be ServletRequestAware and did not
delete the setRequest method. I think having the setRequest is the culprit for
the invalid session exception. I have went back and forth and when I have this
method I can reproduce the error and when
I remove this method I don't get the error.
While implementing the SessionAware I removed this additional method also, so
it worked but I was thinking that SessionAware implementation solved the issue.
Any insights as to why this additional setRequest method causes the problem?
Would struts2 call this setRequest method even if the class is implementing
just ServletRequestAware?
@Override
public void *setServletRequest*(HttpServletRequest request) {
this.request = request;
}
/**
* @return the request
*/
public HttpServletRequest getRequest() {
return this.request;
}
/**
* @param aRequest the request to set
*/
public void *setRequest*(HttpServletRequest aRequest) {
this.request = aRequest;
}
Thanks,
Prasanth
On 05/16/2018 12:44 PM, Prasanth wrote:
> We use the path as / for the cookie path that allows the session to be shared
> between context1 and context2. The JSESSIONID also remains the same when the
> request is forwarded.
>
> Martin asked me if the action is session aware. It was not implementing
> SessionAware interface even though session was accessed (using
> request.getSession()). Artifact of code from struts1, that
> part of the code did not change when we moved the action to struts2. So
> decided to change it and use the session map provided by struts2. Once I have
> added SessionAware I am not able to reproduce
> the session invalid exception, did not have a problem reproducing the issue
> before. Is this expected?
>
> Thanks,
> Prasanth
>
> On 05/16/2018 10:40 AM, Yasser Zamani wrote:
>> On 5/16/2018 7:23 PM, Prasanth wrote:
>>> Exception: java.lang.IllegalStateException: UT10: Session is invalid
>>> r4yb7BtBx7fwmGbzMhgeyhvSFb3sAp6FhW6m-5Op
>>> at
>>> io.undertow.server.session.InMemorySessionManager$SessionImpl.getAttribute(InMemorySessionManager.java:481
>>> at
>>> io.undertow.servlet.spec.HttpSessionImpl.getAttribute(HttpSessionImpl.java:122
>>> at com.xx.xx.LoginAction.execute(LoginAction.java:76
>> Could you see if "Best Practices: Cross-Context Dispatching and Session
>> Handling" [1] fixes your issue? However, it's about Servlets not Struts.
>>
>> Regards.
>>
>> [1] http://satworks.blogspot.com/2011/07/best-practices-cross-context.html
>>
>> -
>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> For additional commands, e-mail: user-h...@struts.apache.org
>>
>
Re: Struts2 login action class seems to be reused
We use the path as / for the cookie path that allows the session to be shared between context1 and context2. The JSESSIONID also remains the same when the request is forwarded. Martin asked me if we the action is session aware. It was not implementing SessionAware interface even though session was accessed (using request.getSession()). Artifact of code from struts1, that part of the code did not change when we move the action to struts2. So decided to change it and use the session map provided by struts2. Once I have added SessionAware I am not able to reproduce the session invalid exception, did not have a problem reproducing the issue before. Is this expected? Thanks, Prasanth On 05/16/2018 10:40 AM, Yasser Zamani wrote: > > On 5/16/2018 7:23 PM, Prasanth wrote: >> Exception: java.lang.IllegalStateException: UT10: Session is invalid >> r4yb7BtBx7fwmGbzMhgeyhvSFb3sAp6FhW6m-5Op >> at >> io.undertow.server.session.InMemorySessionManager$SessionImpl.getAttribute(InMemorySessionManager.java:481 >> at >> io.undertow.servlet.spec.HttpSessionImpl.getAttribute(HttpSessionImpl.java:122 >> at com.xx.xx.LoginAction.execute(LoginAction.java:76 > Could you see if "Best Practices: Cross-Context Dispatching and Session > Handling" [1] fixes your issue? However, it's about Servlets not Struts. > > Regards. > > [1] http://satworks.blogspot.com/2011/07/best-practices-cross-context.html > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
Martin, We have the cookie config in the application. 20 / true true Thanks, Prasanth On 05/15/2018 04:03 PM, Martin Gainty wrote: > > 8443 indicates secure connection so perhaps a misconfig with wildfly > standalone.xml (see below) > > > > > > > > https://docs.jboss.org/author/display/WFLY10/Admin+Guide#AdminGuide-SessionCookieConfiguration > Admin Guide - WildFly 10 - Project Documentation Editor > <https://docs.jboss.org/author/display/WFLY10/Admin+Guide#AdminGuide-SessionCookieConfiguration> > docs.jboss.org > Target audience. This document is a guide to the setup, administration, and > configuration of WildFly. Prerequisites. Before continuing, you should know > how to download, install and run WildFly. > > ? > > can you ping wildfly userlist ? > https://developer.jboss.org/en/wildfly > Space: WildFly |JBoss Developer <https://developer.jboss.org/en/wildfly> > developer.jboss.org > Log in to follow, share, and participate in this community. Not a member? > Join Now! > > > jaikiran is a good resource that i met on a different userlist..i would > definitely ping him > stay in touch/let me know if setting session-cookie in standalone.xml works > > M- > NB: I once contracted to the company that bought wildfly..we had to figure > configuration by ourselves > > > *From:* Prasanth Pasala <ppas...@pangburngroup.com> > *Sent:* Tuesday, May 15, 2018 11:42 AM > *To:* user@struts.apache.org > *Subject:* Re: Struts2 login action class seems to be reused > > See below the header information when the exception occurred. Strange thing > is JMeter is saying it did not send any cookie (which is want I would except > in this case as it is just requesting the login > page) > > Cookie: JSESSIONID=ZclUN41sWwTsPGRw7Cf255OHu7jnQtgt4rEZ2QDZ. > (xx - is the machine name on which wildfly is running) > Connection: keep-alive > User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_151) > Host: dev.secure.xxx.com:8443 > Content-Length: 46 > Content-Type: application/x-www-form-urlencoded > > 10:09:09,150 ERROR > [org.apache.struts2.dispatcher.DefaultDispatcherErrorHandler] (default > task-20) Exception occurred during processing request: UT10: Session is > invalid > ZclUN41sWwTsPGRw7Cf255OHu7jnQtgt4rEZ2QDZ: java.lang.IllegalStateException: > UT10: Session is invalid ZclUN41sWwTsPGRw7Cf255OHu7jnQtgt4rEZ2QDZ > > From JMeter--- > GET https://dev.secure.pangburngroup.com:8443/participant/ > > GET data: > > > [no cookies] > > Request Headers: > Connection: keep-alive > Host: dev.secure.xxx.com:8443 > User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_151) > -- > > Thanks, > Prasanth > > On 05/15/2018 07:44 AM, Martin Gainty wrote: > > Hi Norbert/Prasanth > > > > Struts2 login action problem has morphed to "Invalid Session State"with > > Wildfly's implementation of TC 5.5 > > > > https://en.wikipedia.org/wiki/WildFly > > <https://en.wikipedia.org/wiki/WildFly> > > > > [https://upload.wikimedia.org/wikipedia/commons/thumb/a/a3/Wildfly_logo.png/200px-Wildfly_logo.png]<https://en.wikipedia.org/wiki/WildFly > <https://upload.wikimedia.org/wikipedia/commons/thumb/a/a3/Wildfly_logo.png/200px-Wildfly_logo.png]%3Chttps://en.wikipedia.org/wiki/WildFly>> > > > > WildFly - Wikipedia<https://en.wikipedia.org/wiki/WildFly> > > en.wikipedia.org > > WildFly, formerly known as JBoss AS, or simply JBoss, is an application > > server authored by JBoss, now developed by Red Hat.WildFly is written in > > Java and implements the Java Platform, Enterprise > Edition (Java EE) specification. > > > > > > MG>as a debugging exercise I would dump HTTP Header attributes with > > > > http://livehttpheaders.mozdev.org/ <http://livehttpheaders.mozdev.org/> > > > > mozdev.org - livehttpheaders: index<http://livehttpheaders.mozdev.org/> > > livehttpheaders.mozdev.org > > Welcome to the livehttpheaders project.. The goal of this project is to > > adds information about the HTTP headers in two ways: First by adding a > > 'Headers' tab in 'View Page Info' of a web page. > > > > > > MG>then
Re: Struts2 login action class seems to be reused
(SSLInformationAssociationHandler.java:131 at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57 at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43 at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53 at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46 at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64 at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59 at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60 at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77 at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50 at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43 at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43 at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61 at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43 at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68 at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43 at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292 at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81 at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138 at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135 at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48 at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43 at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105 at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508 at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508 at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508 at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508 at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272 at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81 at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104 at io.undertow.server.Connectors.executeRootHandler(Connectors.java:326 at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:812 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624 On 05/16/2018 12:44 AM, Yasser Zamani wrote: > > On 5/16/2018 6:59 AM, Prasanth Pasala wrote: >> We have two applications (websites) to make it easier for users we have a >> third site that acts as a common login place. Once the user enters the >> username and password it determines the right site to use and does a forward >> to that context (applications hosted in the same host). >> >> When using struts1 everything was fine. When we moved to struts2 we started >> getting crossed logins. When a user gets to login page the action would get >> populated with a username and password used by some other user. This happens >> only if a request with this information is forwarded from one context to >> another. >> >> With some help from struts mailing list it was determined that some how old >> actions are in the stack and if we remove get methods struts2 would not be >> able to pull that data and put in the current value stack. So we did it and >> when we started testing we are getting session invalid
Re: Struts2 login action class seems to be reused
We have two applications (websites) to make it easier for users we have a third site that acts as a common login place. Once the user enters the username and password it determines the right site to use and does a forward to that context (applications hosted in the same host). When using struts1 everything was fine. When we moved to struts2 we started getting crossed logins. When a user gets to login page the action would get populated with a username and password used by some other user. This happens only if a request with this information is forwarded from one context to another. With some help from struts mailing list it was determined that some how old actions are in the stack and if we remove get methods struts2 would not be able to pull that data and put in the current value stack. So we did it and when we started testing we are getting session invalid exceptions. Again this happens only if there are users logging in context1 and that request is forwarded to context2. If the login activity is done directly in context2 the issue does not arise. Thanks Prasanth On May 15, 2018 8:45:25 PM CDT, Jaikiran Pai <jai.forums2...@gmail.com> wrote: >I don't have enough context of this discussion, but looking briefly at >this, it looks like you are using Apache HTTP client (probably with >pooled connections) and it seems like a connection reuse for a >subsequent login request is sending a Cookie with the request (when it >shouldn't?). > > >If that's the case, then it looks like the Apache HTTP client's auto >Cookie management is coming into picture where it "auto attaches" the >Cookie, obtained from a previous response on that connection, to the >new >request on that reused connection. Apache HTTP client allows you to >configure this behaviour by setting a cookie policy management. I guess > >you probably want to use the "ignoreCookies" policy in your case, since > >you want to manage setting the Cookie to the requests yourself. The >Apache HTTP client documentation[1] has more information. Something >like: > > > final HttpClientBuilder httpClientBuilder = > final RequestConfig.Builder requestConfigBuilder = >RequestConfig.custom(); > ... >requestConfigBuilder.setCookieSpec(org.apache.http.client.config.CookieSpecs.IGNORE_COOKIES); > ... >httpClientBuilder.setDefaultRequestConfig(requestConfigBuilder.build()); > > >[1] For 3.x version (I couldn't find one for 4.x which you seem to be >using) https://hc.apache.org/httpclient-3.x/cookies.html > >[2] >https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/client/config/CookieSpecs.html > > >-Jaikiran > > >On 16/05/18 2:33 AM, Martin Gainty wrote: >> >> 8443 indicates secure connection so perhaps a misconfig with >> wildfly standalone.xml (see below) >> >> >> >> >> >> >> >> >https://docs.jboss.org/author/display/WFLY10/Admin+Guide#AdminGuide-SessionCookieConfiguration > >> >> Admin Guide - WildFly 10 - Project Documentation Editor >> ><https://docs.jboss.org/author/display/WFLY10/Admin+Guide#AdminGuide-SessionCookieConfiguration> >> docs.jboss.org >> Target audience. This document is a guide to the setup, >> administration, and configuration of WildFly. Prerequisites. Before >> continuing, you should know how to download, install and run WildFly. >> >> ? >> >> can you ping wildfly userlist ? >> https://developer.jboss.org/en/wildfly >> Space: WildFly |JBoss Developer ><https://developer.jboss.org/en/wildfly> >> developer.jboss.org >> Log in to follow, share, and participate in this community. Not a >> member? Join Now! >> >> >> jaikiran is a good resource that i met on a different userlist..i >> would definitely ping him >> stay in touch/let me know if setting session-cookie in >standalone.xml >> works >> >> M- >> NB: I once contracted to the company that bought wildfly..we had to >> figure configuration by ourselves >> >> > >> *From:* Prasanth Pasala <ppas...@pangburngroup.com> >> *Sent:* Tuesday, May 15, 2018 11:42 AM >> *To:* user@struts.apache.org >> *Subject:* Re: Struts2 login action class seems to be reused >> See below the header information when the exception occurred. Strange > >> thing is JMeter is saying it did not send any cookie (which is want I > >> would except in this case as it is just requesting the login >> page) >> >> Cookie: JSESSIONID=ZclUN41sWwTsPGRw
Re: Struts2 login action class seems to be reused
See below the header information when the exception occurred. Strange thing is JMeter is saying it did not send any cookie (which is want I would except in this case as it is just requesting the login page) Cookie: JSESSIONID=ZclUN41sWwTsPGRw7Cf255OHu7jnQtgt4rEZ2QDZ. (xx - is the machine name on which wildfly is running) Connection: keep-alive User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_151) Host: dev.secure.xxx.com:8443 Content-Length: 46 Content-Type: application/x-www-form-urlencoded 10:09:09,150 ERROR [org.apache.struts2.dispatcher.DefaultDispatcherErrorHandler] (default task-20) Exception occurred during processing request: UT10: Session is invalid ZclUN41sWwTsPGRw7Cf255OHu7jnQtgt4rEZ2QDZ: java.lang.IllegalStateException: UT10: Session is invalid ZclUN41sWwTsPGRw7Cf255OHu7jnQtgt4rEZ2QDZ From JMeter--- GET https://dev.secure.pangburngroup.com:8443/participant/ GET data: [no cookies] Request Headers: Connection: keep-alive Host: dev.secure.xxx.com:8443 User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_151) -- Thanks, Prasanth On 05/15/2018 07:44 AM, Martin Gainty wrote: > Hi Norbert/Prasanth > > Struts2 login action problem has morphed to "Invalid Session State"with > Wildfly's implementation of TC 5.5 > > https://en.wikipedia.org/wiki/WildFly > > [https://upload.wikimedia.org/wikipedia/commons/thumb/a/a3/Wildfly_logo.png/200px-Wildfly_logo.png]<https://en.wikipedia.org/wiki/WildFly> > > WildFly - Wikipedia<https://en.wikipedia.org/wiki/WildFly> > en.wikipedia.org > WildFly, formerly known as JBoss AS, or simply JBoss, is an application > server authored by JBoss, now developed by Red Hat.WildFly is written in Java > and implements the Java Platform, Enterprise Edition (Java EE) specification. > > > MG>as a debugging exercise I would dump HTTP Header attributes with > > http://livehttpheaders.mozdev.org/ > > mozdev.org - livehttpheaders: index<http://livehttpheaders.mozdev.org/> > livehttpheaders.mozdev.org > Welcome to the livehttpheaders project.. The goal of this project is to adds > information about the HTTP headers in two ways: First by adding a 'Headers' > tab in 'View Page Info' of a web page. > > > MG>then check JSESSIONID > > MG>a fellow named "Thomas" had a similar problem with incorrect JSESSIONID > MG>and corrected with his own StandardManager findSession method > https://www.thecodingforums.com/threads/session-problem-jsessionid-cookie-comes-back-with-double-quotes.140442/ > > Yes, there is! I found it and implemented this solution: A class > extending org.apache.catalina.session.StandardManager and overriding > the method public Session findSession(String id) throws IOException - > simply removing quotation marks, if any! Seems to work fine. > Thanks for putting me on the right trail! > > MG>assuming your TC has incorrect StandardManager can you update wildfly with > a more updated version? > MG>here are versions > https://developer.jboss.org/wiki/VersionOfTomcatInJBossAS?_sscc=t > true<https://developer.jboss.org/wiki/VersionOfTomcatInJBossAS?_sscc=t> > developer.jboss.org > What version of Apache Tomcat ships with JBoss Application Server JBossAS > version Ships with Tomcat Servlet Spec JSP Spec 3.2.3 4.1.29 2.3 > > > MG>personally i wouldnt muck with TC i would suggest upgrading wildfly and > getting jboss-web container > > hth > martin > ______ > > > > > > From: Norbert Hirneisen <no...@s2you.de> > Sent: Friday, March 2, 2018 6:55 PM > To: user@struts.apache.org > Subject: Fwd: Re: Struts2 login action class seems to be reused > > Hi Prasanth, > > are you sure all your struts1 code is thread safe ? I had some similiar > problems in a struts1 application. After removing all action class > properties the problem was solved. Struts2 should be thread safe. But > your problems looks to me like a problem with thread safety. > > Best regards, > > Norbert > > science + communication & HaNo Systems > > Bonn/Ho-Chi-Minh > > > Am 02.03.2018 um 22:07 schrieb Prasanth Pasala: >> I was able to replicate the issue today. Asked few users to keep logging in >> and ran jmeter to access login page, with out putting any username or >> password. Out of the 100 attempts 2 attempts were >> successful in getting in with out username/password. I am seeing database >> login entries for these two. Which would happen only if a valid session is >> not present and user has provided username/
Re: Struts2 login action class seems to be reused
Hi Martin, Thanks for the response. We are using Wildfly 11.0.0 Final. I will try to get the HTTP header dump. Thanks, Prasanth On 05/15/2018 07:44 AM, Martin Gainty wrote: > Hi Norbert/Prasanth > > Struts2 login action problem has morphed to "Invalid Session State"with > Wildfly's implementation of TC 5.5 > > https://en.wikipedia.org/wiki/WildFly > > [https://upload.wikimedia.org/wikipedia/commons/thumb/a/a3/Wildfly_logo.png/200px-Wildfly_logo.png]<https://en.wikipedia.org/wiki/WildFly> > > WildFly - Wikipedia<https://en.wikipedia.org/wiki/WildFly> > en.wikipedia.org > WildFly, formerly known as JBoss AS, or simply JBoss, is an application > server authored by JBoss, now developed by Red Hat.WildFly is written in Java > and implements the Java Platform, Enterprise Edition (Java EE) specification. > > > MG>as a debugging exercise I would dump HTTP Header attributes with > > http://livehttpheaders.mozdev.org/ > > mozdev.org - livehttpheaders: index<http://livehttpheaders.mozdev.org/> > livehttpheaders.mozdev.org > Welcome to the livehttpheaders project.. The goal of this project is to adds > information about the HTTP headers in two ways: First by adding a 'Headers' > tab in 'View Page Info' of a web page. > > > MG>then check JSESSIONID > > MG>a fellow named "Thomas" had a similar problem with incorrect JSESSIONID > MG>and corrected with his own StandardManager findSession method > https://www.thecodingforums.com/threads/session-problem-jsessionid-cookie-comes-back-with-double-quotes.140442/ > > Yes, there is! I found it and implemented this solution: A class > extending org.apache.catalina.session.StandardManager and overriding > the method public Session findSession(String id) throws IOException - > simply removing quotation marks, if any! Seems to work fine. > Thanks for putting me on the right trail! > > MG>assuming your TC has incorrect StandardManager can you update wildfly with > a more updated version? > MG>here are versions > https://developer.jboss.org/wiki/VersionOfTomcatInJBossAS?_sscc=t > true<https://developer.jboss.org/wiki/VersionOfTomcatInJBossAS?_sscc=t> > developer.jboss.org > What version of Apache Tomcat ships with JBoss Application Server JBossAS > version Ships with Tomcat Servlet Spec JSP Spec 3.2.3 4.1.29 2.3 > > > MG>personally i wouldnt muck with TC i would suggest upgrading wildfly and > getting jboss-web container > > hth > martin > ______ > > > > > > From: Norbert Hirneisen <no...@s2you.de> > Sent: Friday, March 2, 2018 6:55 PM > To: user@struts.apache.org > Subject: Fwd: Re: Struts2 login action class seems to be reused > > Hi Prasanth, > > are you sure all your struts1 code is thread safe ? I had some similiar > problems in a struts1 application. After removing all action class > properties the problem was solved. Struts2 should be thread safe. But > your problems looks to me like a problem with thread safety. > > Best regards, > > Norbert > > science + communication & HaNo Systems > > Bonn/Ho-Chi-Minh > > > Am 02.03.2018 um 22:07 schrieb Prasanth Pasala: >> I was able to replicate the issue today. Asked few users to keep logging in >> and ran jmeter to access login page, with out putting any username or >> password. Out of the 100 attempts 2 attempts were >> successful in getting in with out username/password. I am seeing database >> login entries for these two. Which would happen only if a valid session is >> not present and user has provided username/password. >> >> Thanks, >> Prasanth >> >> On 03/01/2018 02:27 PM, Prasanth wrote: >>> Hi, >>> >>> I have an application which uses both struts1 & struts2. The login action >>> was recently moved to struts2. Immediately after the deployment we were >>> notified that one user is seeing a different user >>> information, so we had to move to older war files. I am not able to >>> replicate it. But after investigating the logs it seems like couple users >>> were logged in as soon as they requested the login page. >>> For the database entry to happen it has to verify the username and password >>> in the action class, but the fact that there is no POST entry at that time >>> from that IP in my access log makes me believe >>> that the action class some how already had that information from a prior >>> user. >>> >>> I do have a login filter to check if users are logged in when accessing >>> other pages. In this
Re: Struts2 login action class seems to be reused
A different issue is coming up now after the get methods are removed. Getting the below exception some times when you request the login page, at which point the browser doesn't have the session id yet, the session id mentioned would be a session id from a previous request (from another thread, in JMeter testing). Wonder if, some how this data (session id) is also moved by struts2 when copying data from the other LoginAction that is lingering from old requests. Thanks, Prasanth Exception: java.lang.IllegalStateException: UT10: Session is invalid JVoo5BkMlzTpOavsEe7_NjS0MzTXDlhYtlSviiGR On 04/24/2018 09:00 AM, Prasanth Pasala wrote: > I have removed the get methods from the LoginAction of /Context2 and that > seems to solve the problem. So seems like the LoginAction objects created > because of FORWARD some how are in the stack while a > LoginAction is created due to a REQUEST. Wondering if this can be replicated > without having two contexts. If there is a FORWARD within the context and the > same action can also be initiated by direct > REQUEST wonder if the same issue will crop up. > > Thanks, > Prasanth > > On 04/24/2018 01:52 AM, Yasser Zamani wrote: >> On 4/23/2018 11:50 PM, Prasanth Pasala wrote: >>> Get rid of the get methods in LoginAction, is this in /Context2 >>> (application where the issue is occurring) or /Context1 (which forwards the >>> requests to /Context2)? >>> >> That contexts who forwards request (Context1 I think) but you may do for >> all to be sure. However, I still prefer rewriting FORWARD with REDIRECT >> or POSTBACK to prevent future possible issues. >> >>> Yes exactly. The new log shows, your previous contexts actions >>> (LoginAction@7f716c46 and LoginAction@35224c2f) are also present in >>> current context because you forward same request which includes previous >>> context data, then, Struts ChainInterceptor copies data from previous to >>> current action :S . As currently Struts cannot handle forwarded requests >>> well, could you please try REDIRECT instead? sendRedirect asks user >>> browser to continue with a new request. >>> >>> Still not sure about the above comment. So the ChainInterceptor is getting >>> data from an action that occurred before and is not part of current request? >> Struts has a stack. ChainResult push current action to stack for next >> action. In next action, ChainInterceptor pops it and copies values. Now >> you have two actions in stack (I don't know how but seems it's because >> of forward same request which has previous context1 stack) and >> ChainInterceptor thinks ChainResult has pushed that and then pops and >> copies them into current action. >> >> Regards. >> >> - >> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >> For additional commands, e-mail: user-h...@struts.apache.org >> >
Re: Request parameter value different from instance variable value
I think I might have found the reason. The page it is forwarded to have
page=ChangePassword as a query string. So I think struts is getting data from
the query string and the post data and combining
them to form the ChangePassword, ChangePassword as the value for the page
variable.
I have fixed the logic in ChangePasswordFilter to not forward if the request is
going to ChangePassword action.
Thanks,
Prasanth
On 05/08/2018 01:39 AM, Yasser Zamani wrote:
>
> On 5/7/2018 8:35 PM, Prasanth wrote:
>> When I get the value from request object (request.getParameter("page");) it
>> returns "ChangePassword".
> What does 'String[] pages = request.getParameterValues("page");' return
> (it's length and values)?
>
> Regards.
>
> -
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
>
Re: Request parameter value different from instance variable value
This seems to be happening only when the PasswordChangedFilter forwards the
request to this action. If the action is accessed directly it works fine.
Thanks,
Prasanth
On 05/07/2018 11:05 AM, Prasanth wrote:
> Hi,
>
> I am using struts 2.3.34 and have an form with few text fields and a hidden
> field. All the values are set correctly in the action class except for the
> hidden field value.
>
> Below is the html code in the form
> id="ChangePassword_page"/>
>
> In the action the value set to page variable is "ChangePassword,
> ChangePassword". When I get the value from request object
> (request.getParameter("page");) it returns "ChangePassword".
>
> Any idea why my action instance variable is set with a different value than
> what is in the request parameter?
>
> Below is the stack trace from the setPage function.
>
> (java.lang.StackTraceElement[])
> [java.lang.Thread.getStackTrace(Thread.java:1559)
> com.xx.webaccess.ContactInfoAction.setPage(ContactInfoAction.java:162)
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> java.lang.reflect.Method.invoke(Method.java:498)
> ognl.OgnlRuntime.invokeMethod(OgnlRuntime.java:897)
> ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:1299)
> ognl.OgnlRuntime.setMethodValue(OgnlRuntime.java:1508)
>
> ognl.ObjectPropertyAccessor.setPossibleProperty(ObjectPropertyAccessor.java:85)
> ognl.ObjectPropertyAccessor.setProperty(ObjectPropertyAccessor.java:162)
>
> com.opensymphony.xwork2.ognl.accessor.ObjectAccessor.setProperty(ObjectAccessor.java:27)
> ognl.OgnlRuntime.setProperty(OgnlRuntime.java:2437)
>
> com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor.setProperty(CompoundRootAccessor.java:81)
> ognl.OgnlRuntime.setProperty(OgnlRuntime.java:2437)
> ognl.ASTProperty.setValueBody(ASTProperty.java:127)
> ognl.SimpleNode.evaluateSetValueBody(SimpleNode.java:220)
> ognl.SimpleNode.setValue(SimpleNode.java:301)
> ognl.Ognl.setValue(Ognl.java:713)
> com.opensymphony.xwork2.ognl.OgnlUtil$1.execute(OgnlUtil.java:306)
> com.opensymphony.xwork2.ognl.OgnlUtil$1.execute(OgnlUtil.java:298)
> com.opensymphony.xwork2.ognl.OgnlUtil.compileAndExecute(OgnlUtil.java:393)
> com.opensymphony.xwork2.ognl.OgnlUtil.setValue(OgnlUtil.java:298)
>
> com.opensymphony.xwork2.ognl.OgnlValueStack.trySetValue(OgnlValueStack.java:184)
> com.opensymphony.xwork2.ognl.OgnlValueStack.setValue(OgnlValueStack.java:171)
>
> com.opensymphony.xwork2.ognl.OgnlValueStack.setParameter(OgnlValueStack.java:153)
>
> com.opensymphony.xwork2.interceptor.ParametersInterceptor.setParameters(ParametersInterceptor.java:303)
>
> com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:221)
>
> com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
>
> com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
>
> com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:229)
>
> com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
>
> com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
>
> com.opensymphony.xwork2.interceptor.StaticParametersInterceptor.intercept(StaticParametersInterceptor.java:191)
>
> com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
>
> org.apache.struts2.interceptor.MultiselectInterceptor.intercept(MultiselectInterceptor.java:73)
>
> com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
>
> org.apache.struts2.interceptor.DateTextFieldInterceptor.intercept(DateTextFieldInterceptor.java:125)
>
> com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
>
> org.apache.struts2.interceptor.CheckboxInterceptor.intercept(CheckboxInterceptor.java:91)
>
> com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
>
> org.apache.struts2.interceptor.FileUploadInterceptor.intercept(FileUploadInterceptor.java:253)
>
> com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
>
> com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor.intercept(ModelDrivenInterceptor.java:100)
>
> com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245)
>
> com.opensymphony.xwork2.
Request parameter value different from instance variable value
quest(PredicateHandler.java:43) org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) io.undertow.servlet.handlers.ServletInitialHandl... Thanks, Prasanth
Re: Struts2 login action class seems to be reused
I have removed the get methods from the LoginAction of /Context2 and that seems to solve the problem. So seems like the LoginAction objects created because of FORWARD some how are in the stack while a LoginAction is created due to a REQUEST. Wondering if this can be replicated without having two contexts. If there is a FORWARD within the context and the same action can also be initiated by direct REQUEST wonder if the same issue will crop up. Thanks, Prasanth On 04/24/2018 01:52 AM, Yasser Zamani wrote: > > On 4/23/2018 11:50 PM, Prasanth Pasala wrote: >> Get rid of the get methods in LoginAction, is this in /Context2 (application >> where the issue is occurring) or /Context1 (which forwards the requests to >> /Context2)? >> > That contexts who forwards request (Context1 I think) but you may do for > all to be sure. However, I still prefer rewriting FORWARD with REDIRECT > or POSTBACK to prevent future possible issues. > >> Yes exactly. The new log shows, your previous contexts actions >> (LoginAction@7f716c46 and LoginAction@35224c2f) are also present in >> current context because you forward same request which includes previous >> context data, then, Struts ChainInterceptor copies data from previous to >> current action :S . As currently Struts cannot handle forwarded requests >> well, could you please try REDIRECT instead? sendRedirect asks user >> browser to continue with a new request. >> >> Still not sure about the above comment. So the ChainInterceptor is getting >> data from an action that occurred before and is not part of current request? > Struts has a stack. ChainResult push current action to stack for next > action. In next action, ChainInterceptor pops it and copies values. Now > you have two actions in stack (I don't know how but seems it's because > of forward same request which has previous context1 stack) and > ChainInterceptor thinks ChainResult has pushed that and then pops and > copies them into current action. > > Regards. > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
Get rid of the get methods in LoginAction, is this in /Context2 (application where the issue is occurring) or /Context1 (which forwards the requests to /Context2)? Yes exactly. The new log shows, your previous contexts actions (LoginAction@7f716c46 and LoginAction@35224c2f) are also present in current context because you forward same request which includes previous context data, then, Struts ChainInterceptor copies data from previous to current action :S . As currently Struts cannot handle forwarded requests well, could you please try REDIRECT instead? sendRedirect asks user browser to continue with a new request. Still not sure about the above comment. So the ChainInterceptor is getting data from an action that occurred before and is not part of current request? Thanks, Prasanth On 04/23/2018 01:27 PM, Yasser Zamani wrote: > > On 4/23/2018 10:12 PM, Prasanth Pasala wrote: >> The user is inputting username and password in /Context1, if I send a >> redirect they would have to enter username/password again in /Context2. >> > No, you already have them. I think you can use Struts PostbackResult [1] > in /Context1/LoginAction like below: > > /Context2/LoginAction > >> May be for LoginAction in /Context2 I can remove instance variables (so that >> struts doesn't set any values) I will directly access the request object to >> get username and password to validate. > The simpler solution is deleting getUsername and getPassword methods > from LoginAction which disables ChainInterceptor to copies them and > solves this issue! But I'm worry about other issues caused by FORWARD, > so please try replacing all of them as I mentioned above. > > [1] https://struts.apache.org/core-developers/postback-result.html > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
The two LoginAction classes below are from the same context (/Context2). Context1 LoginAction would have a different package name. The issue occurs when a user is requesting /Context2 directly rather than when the request is forwarded, if the request is forwarded from /Context1 it would have the username and password in the request and those seems to be working fine. The issue is when there are requests forwarded from /Context1 with username and password and later on there is a GET request to /Context2 LoginAction (no username/password in request, so should display login page). Now some how struts is using data from the old forwarded requests (sent from Context1) for a request made directly to Context2. The user is inputting username and password in /Context1, if I send a redirect they would have to enter username/password again in /Context2. May be for LoginAction in /Context2 I can remove instance variables (so that struts doesn't set any values) I will directly access the request object to get username and password to validate. Thanks, Prasanth On 04/23/2018 12:31 PM, Yasser Zamani wrote: > > On 4/23/2018 8:04 PM, Prasanth Pasala wrote: >> Found this one also but for almost all, the root size was 3. Below one was >> anomaly. >> Root Size: 4 >> Result: null >> Object: com.opensymphony.xwork2.DefaultTextProvider@4d36d73d >> Object: com.nqadmin.webaccess.LoginAction@7f716c46 >> Object: com.nqadmin.webaccess.LoginAction@35224c2f >> >> Also found that the issue doesn't come up if I am logging in only to the >> second website (/context2). The issue only comes up if there are users >> logging in via context1, whose login request is >> forwarded to context2. > Yes exactly. The new log shows, your previous contexts actions > (LoginAction@7f716c46 and LoginAction@35224c2f) are also present in > current context because you forward same request which includes previous > context data, then, Struts ChainInterceptor copies data from previous to > current action :S . As currently Struts cannot handle forwarded requests > well, could you please try REDIRECT instead? sendRedirect asks user > browser to continue with a new request. > > Regards. > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
Found this one also but for almost all, the root size was 3. Below one was
anomaly.
Root Size: 4
Result: null
Object: com.opensymphony.xwork2.DefaultTextProvider@4d36d73d
Object: com.nqadmin.webaccess.LoginAction@7f716c46
Object: com.nqadmin.webaccess.LoginAction@35224c2f
Also found that the issue doesn't come up if I am logging in only to the second
website (/context2). The issue only comes up if there are users logging in via
context1, whose login request is
forwarded to context2.
Since it have been a while including the details of how our setup works.
Context 2 & Context 3 are two websites and depending on user type they have to
login to one or the other. To make it easy for the user we have Context1 where
we allow users to login this site checks
the database and determines which site they need to be logging into and
forwards the login request to Context2 or Context3. We have users who would
login to the right context and some who utilize
Context1 to login.
Thanks,
Prasanth
On 04/23/2018 09:42 AM, Prasanth Pasala wrote:
> Below is the result of the new logging.
>
> Root Size: 3
> Result: null
> Object: com.opensymphony.xwork2.DefaultTextProvider@4d36d73d
> Object: com.xx.webaccess.LoginAction@40c80ce8
>
> Thanks,
> Prasanth
>
> On 04/21/2018 05:09 AM, Yasser Zamani wrote:
>> On 4/19/2018 4:39 PM, Prasanth Pasala wrote:
>>> There is a index.jsp which is defined as default page in web.xml it just
>>> forwards the request to Login.action. There is no chaining of actions in
>>> struts itself. We do have a LoginFilter which verifies
>>> if a user is logged in.
>>>
>> So maybe there is a bug with chain interceptor! Could you please use
>> following code in your action setUsername method (save it's log in a
>> private string field in your action). Then print it when your action
>> data are not consistent with request params.
>>
>> String log = "";
>> ActionInvocation invocation= ActionContext.getActionInvocation();
>> ValueStack stack = invocation.getStack();
>> CompoundRoot root = stack.getRoot();
>> log += "Root Size: " + root.size();
>> Result result = invocation.getResult();
>> log += "\r\nResult: " + result;
>> List list = new ArrayList(root);
>> list.remove(0);
>> Collections.reverse(list);
>> for (Object object : list) {
>> log += "\r\nObject: " + object;
>> }
>> this.log = log; //saves for possible future use
>>
>> Thanks!
>>
>> -
>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> For additional commands, e-mail: user-h...@struts.apache.org
>>
-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
Re: Struts2 login action class seems to be reused
Below is the result of the new logging.
Root Size: 3
Result: null
Object: com.opensymphony.xwork2.DefaultTextProvider@4d36d73d
Object: com.xx.webaccess.LoginAction@40c80ce8
Thanks,
Prasanth
On 04/21/2018 05:09 AM, Yasser Zamani wrote:
>
> On 4/19/2018 4:39 PM, Prasanth Pasala wrote:
>> There is a index.jsp which is defined as default page in web.xml it just
>> forwards the request to Login.action. There is no chaining of actions in
>> struts itself. We do have a LoginFilter which verifies
>> if a user is logged in.
>>
> So maybe there is a bug with chain interceptor! Could you please use
> following code in your action setUsername method (save it's log in a
> private string field in your action). Then print it when your action
> data are not consistent with request params.
>
> String log = "";
> ActionInvocation invocation= ActionContext.getActionInvocation();
> ValueStack stack = invocation.getStack();
> CompoundRoot root = stack.getRoot();
> log += "Root Size: " + root.size();
> Result result = invocation.getResult();
> log += "\r\nResult: " + result;
> List list = new ArrayList(root);
> list.remove(0);
> Collections.reverse(list);
> for (Object object : list) {
> log += "\r\nObject: " + object;
> }
> this.log = log; //saves for possible future use
>
> Thanks!
>
> -
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
>
-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
Re: Struts2 login action class seems to be reused
There is a index.jsp which is defined as default page in web.xml it just forwards the request to Login.action. There is no chaining of actions in struts itself. We do have a LoginFilter which verifies if a user is logged in. Thanks, Prasanth On 04/19/2018 03:26 AM, Yasser Zamani wrote: > > On 4/19/2018 7:21 AM, Prasanth Pasala wrote: >> >> com.opensymphony.xwork2.interceptor.ChainingInterceptor.copyStack(ChainingInterceptor.java:153) >> >> com.opensymphony.xwork2.interceptor.ChainingInterceptor.intercept(ChainingInterceptor.java:143) > Thanks! These lines show Struts doesn't set username from a request > parameter, but it seems that you have a chain result to login action > which sets username from it's previous action's getUsername! Could you > verify these via reviewing your struts.xml finding an action that has a > chain result to login action? > > Thanks in advance! > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
(index_jsp.java:107) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) javax.servlet.http.HttpServlet.service(HttpServlet.java:790) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:433) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:403) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:347) javax.servlet.http.HttpServlet.service(HttpServlet.java:790) io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) io.undertow.jsp.JspFileHandler.handleRequest(JspFileHandler.java:32) io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105) org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1508) io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) io.undertow.server.Connectors.executeRootHandler(Connectors.java:326) io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:812) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) java.lang.Thread.run(Thread.java:748) Thanks, Prasanth On 04/17/2018 10:28 AM, Yasser Zamani wrote: > > On 4/16/2018 7:19 PM, Pr
Re: Struts2 login action class seems to be reused
Finally we redeployed the code with an added check to make sure the instance variables populated by struts match the request parameters. With in few hours of deployments we got emails indicating that the values populated into the instance variables don't match those in request parameters. Below you can see the difference between the instance variable and the values in the request object. The code is also updated to store the hash code of Login action for each login, so that we can see if the object is reused. Surprisingly the hash code doesn't match with any of the hash codes stored for successful logins. When the emails are triggered there is only a GET request for the Login action (which should display the login page, on the user enters the username & password it is submitted via POST). So I am wondering where did these values come from into the instance variables? - Struts data doesn't match that in request object. Struts Data: Username: jsmith Action: Login Request Data: Username: null Action: null Object Hash: 1573857416 - Thanks, Prasanth On 03/16/2018 02:30 PM, Prasanth Pasala wrote: > There is only one reference to Util.authenticate in the project and that is > in LoginAction. > > On 03/16/2018 02:13 PM, Yasser Zamani wrote: >> And you confirm that those log record insertions are only possible via >> LoginAction.execute method? Right? Or util.authenticate are called elsewhere >> also? >> On Mar 16, 2018, at 9:45PM, Prasanth Pasala >> <ppas...@pangburngroup.com<mailto:ppas...@pangburngroup.com>> wrote: >> >> We have a pretty standard struts.xml just declaration of action and the >> class along with the results (tiles results). Nothing other than that. >> >> On 03/16/2018 11:55 AM, Yasser Zamani wrote: >> >> On 3/16/2018 1:49 AM, Prasanth Pasala wrote: >> We do have login time, using that and the IP to correlate that with the >> access logs. Not all login entries have corresponding POST entries in access >> log, so those would be our problems occurrences. >> They actual correspond to a GET entry from a user. >> >> IP of the GET request of User1 matches with the login record in the >> database (login would be for User2 id and IP from User1 GET). So it looks as >> if the same user logged in from two different IPs >> around the same time, which shouldn't be the case. >> I'm almost sure Struts always asks object factory to create the action >> on each request. This is belong to object factory if create a new one >> object of that action, or no, reuse a previous one object of an action. >> So have you set any specific object factory via struts.xml? >> >> >> >> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >> For additional commands, e-mail: user-h...@struts.apache.org >> >> >
Re: Struts2 login action class seems to be reused
There is only one reference to Util.authenticate in the project and that is in LoginAction. On 03/16/2018 02:13 PM, Yasser Zamani wrote: > And you confirm that those log record insertions are only possible via > LoginAction.execute method? Right? Or util.authenticate are called elsewhere > also? > On Mar 16, 2018, at 9:45PM, Prasanth Pasala > <ppas...@pangburngroup.com<mailto:ppas...@pangburngroup.com>> wrote: > > We have a pretty standard struts.xml just declaration of action and the class > along with the results (tiles results). Nothing other than that. > > On 03/16/2018 11:55 AM, Yasser Zamani wrote: > > On 3/16/2018 1:49 AM, Prasanth Pasala wrote: > We do have login time, using that and the IP to correlate that with the > access logs. Not all login entries have corresponding POST entries in access > log, so those would be our problems occurrences. > They actual correspond to a GET entry from a user. > > IP of the GET request of User1 matches with the login record in the database > (login would be for User2 id and IP from User1 GET). So it looks as if the > same user logged in from two different IPs > around the same time, which shouldn't be the case. > I'm almost sure Struts always asks object factory to create the action > on each request. This is belong to object factory if create a new one > object of that action, or no, reuse a previous one object of an action. > So have you set any specific object factory via struts.xml? > > > > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org > >
Re: Struts2 login action class seems to be reused
We have a pretty standard struts.xml just declaration of action and the class along with the results (tiles results). Nothing other than that. On 03/16/2018 11:55 AM, Yasser Zamani wrote: > > On 3/16/2018 1:49 AM, Prasanth Pasala wrote: >> We do have login time, using that and the IP to correlate that with the >> access logs. Not all login entries have corresponding POST entries in access >> log, so those would be our problems occurrences. >> They actual correspond to a GET entry from a user. >> >> IP of the GET request of User1 matches with the login record in the database >> (login would be for User2 id and IP from User1 GET). So it looks as if the >> same user logged in from two different IPs >> around the same time, which shouldn't be the case. > I'm almost sure Struts always asks object factory to create the action > on each request. This is belong to object factory if create a new one > object of that action, or no, reuse a previous one object of an action. > So have you set any specific object factory via struts.xml? > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
We do have login time, using that and the IP to correlate that with the access logs. Not all login entries have corresponding POST entries in access log, so those would be our problems occurrences. They actual correspond to a GET entry from a user. IP of the GET request of User1 matches with the login record in the database (login would be for User2 id and IP from User1 GET). So it looks as if the same user logged in from two different IPs around the same time, which shouldn't be the case. Thanks, Prasanth On 03/15/2018 10:28 AM, Yasser Zamani wrote: > > On 3/15/2018 5:21 PM, Prasanth Pasala wrote: >> User2 would have logged in some time before that, some times with in a >> minute before that. I haven't seen any requests from User2 exactly at the >> time of GET request from User1. > It's strange :) > > Are login log records have same field values for both User1 and User2? > Do you also have login time in there? If so, are they same and are they > consistent with access log times? Are their IP same (while they > shouldn't, right?)? Is the IP of the GET request of User1 (that is > logged in access log by container) same as the IP field value of your > login log records? > > Thanks! > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
User2 would have logged in some time before that, some times with in a minute before that. I haven't seen any requests from User2 exactly at the time of GET request from User1. Thanks, Prasanth On 03/15/2018 04:45 AM, Yasser Zamani wrote: > > On 3/14/2018 5:43 PM, Prasanth Pasala wrote: >> We had a user report it soon after the deployment. After that we started >> looking into the specific user who reported (User1) and the user (whose >> information was seen by the reporting user) say User2. >> We realized there are login entries from same IP for both of these users. > As you get IP address from request (rather than Struts action), then it > seems that request (which contains username/password and that same IP > address) is being reused. > >> In the access log of the server there was a POST request for User1 but at >> the time of login entry for User2 there was only a >> GET request. In the time line GET request is first, User1 sees User2's >> information logs out and then login again with their credentials. > At that time when there is a GET request for User1 and this issue > happens, what are logs for User2 at same time? > > Thanks in advance! > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
We had a user report it soon after the deployment. After that we started looking into the specific user who reported (User1) and the user (whose information was seen by the reporting user) say User2. We realized there are login entries from same IP for both of these users. In the access log of the server there was a POST request for User1 but at the time of login entry for User2 there was only a GET request. In the time line GET request is first, User1 sees User2's information logs out and then login again with their credentials. Thanks, Prasanth On 03/13/2018 11:41 PM, Yasser Zamani wrote: > > On 3/10/2018 1:22 AM, Prasanth Pasala wrote: >> Ran tests with 1000 users logging in in 60sec while simultaneously 1000 >> users just requesting login page in 60 sec to see if any of them would get >> in with out username/password. No luck. System seems >> to be working properly. Also tried increasing it to 2000 it still worked as >> it should with out the issue coming up. >> >> Would hot deployments cause any issue? > Without reproducing it, it's hard to say why this issue happens rarely > :( How did you discover it firstly? Was incorrectly loged in user able > to continue to other pages also as an authenticated user? > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
Ran tests with 1000 users logging in in 60sec while simultaneously 1000 users just requesting login page in 60 sec to see if any of them would get in with out username/password. No luck. System seems to be working properly. Also tried increasing it to 2000 it still worked as it should with out the issue coming up. Would hot deployments cause any issue? Thanks, Prasanth On 03/08/2018 11:53 AM, Yasser Zamani wrote: > > On 3/8/2018 6:42 PM, Prasanth Pasala wrote: >> Wish I was able to consistently reproduce it. I have two thread groups in >> JMeter one thread group requests login page then logs in. Another thread >> group just requests login page. I have tried this >> with 100 users, 250 users in each thread group. I have varied the ramp up >> times from 60sec to 300sec. > I think this is not heavy enough to force race condition on your web > server. Use only ones user which logs in and logs out in a loop. Then, > in another side, Increase users (threads) and decrease the ramp up time > as more as your system does not hang. I remember I was able to ramp up > 300 users (threads) in 15 seconds at my system. > > Regards. > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
Wish I was able to consistently reproduce it. I have two thread groups in JMeter one thread group requests login page then logs in. Another thread group just requests login page. I have tried this with 100 users, 250 users in each thread group. I have varied the ramp up times from 60sec to 300sec. I have been trying this for the last 10 days. I was successful in reproducing it only during one run, which had 100 users and two of the requests for login page (no username/password) made login entries and got home page. I will keep trying. If I can't reproduce it more often, one solution I am thinking of is comparing the username/password in the action class with the values in the request object itself. If they are different I can send an email with the information and not login the user. Thanks, Prasanth On 03/08/2018 03:13 AM, Yasser Zamani wrote: > > On 3/7/2018 11:23 PM, Prasanth Pasala wrote: >> If it is a session crossover we would display another user information >> without making a login entry. In the cases where we had issue the code >> recognized that there is no active session and went to the >> authentication part, authenticated the user and made a database entry for >> successful login. The authentication is based on the form variables >> populated by struts into the action class. > Ahaa... so, currently the only thing I can imagine is maybe this issue > raises up when you have two simultaneous requests: one with > username/password parameters, the other without (and both without any > active session). Could you please verify this with a lot of such pair > simultaneous requests using JMeter? i.e. create two simultaneous > requests, one of them contains username/password, the other one does > not. Add an assertion to the other one which checks if issue occurs. > Then tell JMeter to run this pair a lot of times, concurrently. > > I hope you'll be able to reproduce the issue which is the half of the > resolution :) > > Regards. > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
Thanks for looking into this Yasser. In the current setup we have, we don't have a cluster, it is the only server handling all requests. If it is a session crossover we would display another user information without making a login entry. In the cases where we had issue the code recognized that there is no active session and went to the authentication part, authenticated the user and made a database entry for successful login. The authentication is based on the form variables populated by struts into the action class. Thanks, Prasanth On 03/07/2018 01:22 PM, Yasser Zamani wrote: > > On 3/7/2018 7:34 PM, Prasanth wrote: >> I can't say that 2 percent of users were able to get in without >> username/password. As I have ran the JMeter tests a lot of times (each run >> with 100 users). Only during one of those runs of JMeter I >> had 2 requests get users home page when Login.action was requested (with out >> username/password). >> >> Below is the Login.action code. Removed the code that fetches the data for >> home page. > Thanks! I see you use session also. > > Looks like a bug with Undertow web server [1]. I'm not familiar with it > so you may open an issue there and copy paste this thread there. They > may have some idea as it seems they have similar issues with session > which I linked below. > > Good luck. > > [1] > https://issues.jboss.org/browse/JBEAP-6683?focusedCommentId=13340535=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-13340535 > > - > To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > For additional commands, e-mail: user-h...@struts.apache.org >
Re: Struts2 login action class seems to be reused
/context1 is used just for directing users to the right application (or
context). Session is really maintained by /context2. Users can login directly
in /context2 or they can input username and
password in /context1 and they will be forwarded to the right context on of
which is /context2. So the login information could come to
/context2/Login.action via a direct POST to this action or via a
forwarded request from /context1.
The testing I have done is completely on /context2. Have some users login at
/context2/Login.action while JMeter tries to access /context2/Login.action and
another action /context2/PlanList.action
(requests to any action other than Login.action will get forwarded to
Login.action if the user is not yet logged in). So a direct request to
/context/PlanList.action will end up at /context2/Login.action.
I can't say that 2 percent of users were able to get in without
username/password. As I have ran the JMeter tests a lot of times (each run with
100 users). Only during one of those runs of JMeter I
had 2 requests get users home page when Login.action was requested (with out
username/password).
Below is the Login.action code. Removed the code that fetches the data for home
page.
Thanks,
Prasanth
public class LoginAction implements ServletRequestAware{
Logger log = Logger.getLogger(this.getClass());
private HttpServletRequest request;
private String message = "";
private String username = "";
private String password = "";
private String action = "";
public String execute() throws Exception {
String result = null;
boolean displaySuccessPage = false;
// SEE IF THE USER SESSION IS ALREADY THERE, IN WHICH CASE NO NEED TO
DISPLAY LOGIN PAGE
// MOVE TO SUCCESS PAGE
Long censusID = null;
HttpSession session = request.getSession(false);
if(session != null) {
if(session.getAttribute("username") != null &&
session.getAttribute("CensusID") != null) {
// GET THE CENSUS ID AND DISPLAY SUCCESS PAGE
censusID = (Long) session.getAttribute("CensusID");
if(censusID != null & censusID > 0) {
// JUST MADE SURE THAT WE HAVE A VALID CENSUS ID
displaySuccessPage = true;
}
}
}
// IF ACTION IS LOGOUT THEN LOGOUT THE USER
// OR IF THE USER DECLINES DISCLAIMER
if( ("Logout".equals(action) || "Decline".equals(action)) ||
(request.getParameter("Submit") != null &&
request.getParameter("Submit").trim().equals("Logout"))){
// INVALIDATE THE SESSION
request.getSession().invalidate();
message = "You have been successfully logged out";
username = "";
password = "";
displaySuccessPage = false;
result = "secure";
}
// IF THE PARTICIPANT HAS ACCEPTED THE DISCLAIMER UPDATE THE DATABASE
else if("Accept".equals(action)) {
censusID = (Long) request.getSession().getAttribute("_CensusID");
if(censusID != null) {
Utils.updateDisclaimerCode(censusID);
// SET THE USERNAME & CENSUSID. REMOVE THE TEMPORARY VARIABLES
request.getSession().setAttribute("username",
request.getSession().getAttribute("_username"));
request.getSession().setAttribute("CensusID",
request.getSession().getAttribute("_CensusID"));
request.getSession().removeAttribute("_username");
request.getSession().removeAttribute("_CensusID");
request.getSession().setAttribute("dispContactInfo",
Plans.getDisplayContactInfoCode(censusID));
displaySuccessPage = true;
}
}
// IF USER IS NOT ALREADY AUTHENTICATED
else if(!displaySuccessPage){
// IF USERNAME IS NOT PROVIDED DISPLAY LOGIN PAGE
if(username.equals("")){
request.getSession().setAttribute("maintenanceMessage",
Utils.getMaintenanceMessage()[0]);
request.getSession().setAttribute("suppressLogin",
Boolean.parseBoolean(Utils.getMaintenanceMessage()[1]));
result = "login";
}
else{
// USER NAME SPECIFIED SO TRY TO AUTHENTICATE
//GET THE IPADDRESS OF THE CLIENT
String remoteHost = request.getHeader("X-FORWARDED-FOR");
if(remoteHost == null || "".equals(remoteHost.trim())
Re: Struts2 login action class seems to be reused
I am not defining any default action.
I would get the below exception if I set the ActionMapping to null. For some
reason the object doesn't go away, if I set it to null. After setting it to
null using
request.setAttribute("struts.actionMapping", null); I can get it using
getAttribute. The object remains even if I do removeAttribute.
11:57:27,509 ERROR [stderr] (default task-32) Caused by:
java.lang.ClassCastException:
org.apache.struts2.dispatcher.mapper.ActionMapping cannot be cast to
org.apache.struts2.dispatcher.mapper.ActionMapping
11:57:27,509 ERROR [stderr] (default task-32) at
org.apache.struts2.dispatcher.ng.PrepareOperations.findActionMapping(PrepareOperations.java:163)
11:57:27,509 ERROR [stderr] (default task-32) at
org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:92)
11:57:27,509 ERROR [stderr] (default task-32) at
io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
11:57:27,509 ERROR [stderr] (default task-32) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
11:57:27,509 ERROR [stderr] (default task-32) at
com.x.xx.LoginFilter.doFilter(LoginFilter.java:52)
11:57:27,509 ERROR [stderr] (default task-32) at
io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:274)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchToPath(ServletInitialHandler.java:209)
11:57:27,510 ERROR [stderr] (default task-32) at
io.undertow.servlet.spec.RequestDispatcherImpl.forwardImpl(RequestDispatcherImpl.java:221)
11:57:27,510 ERROR [stderr] (default task-32) ... 128 more
Below is what I see by displaying the
request.getAttribute("struts.actionMapping") after removeAttribute or after
setting it to null.
ActionMapping{name='Login', namespace='/', method='null', extension='action',
params={}, result=null}
In StrutsPrepareAndExecuteFilter below is the line that gets the action
mapping, since the forceLookup is set to true the PrepareOperations class might
be creating it again.
ActionMapping mapping = prepare.findActionMapping(request, response, true);
---PrepareOperations---
public ActionMapping findActionMapping(HttpServletRequest request,
HttpServletResponse response, boolean forceLookup) {
ActionMapping mapping = (ActionMapping)
request.getAttribute(STRUTS_ACTION_MAPPING_KEY);
if (mapping == null || forceLookup) {
try {
mapping =
dispatcher.getContainer().getInstance(ActionMapper.class).getMapping(request,
dispatcher.getConfigurationManager());
if (mapping != null) {
request.setAttribute(STRUTS_ACTION_MAPPING_KEY, mapping);
}
} catch (Exception ex) {
if (dispatcher.isHandleException() || dispatcher.isDevMode()) {
dispatcher.sendError(request, response,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, ex);
}
}
}
return mapping;
}
--
Thanks,
Prasanth
On 03/05/2018 11:49 AM, Yasser Zamani wrote:
>
> On 3/5/2018 7:48 PM, Prasanth wrote:
>> But the Login filter had the below lines to make sure forwarded requests
>> from /context1
>> would work.
>>
>> request.setAttribute("struts.actionMapping", new ActionMapping());
> Please let me discuss this line first of all. I'm still surprised how
> context2 app works with this line! I expect you always get
> ConfigurationException or get the result of the default action. Have you
> set this filter
Re: Struts2 login action class seems to be reused
I am not using Spring. Using Struts1, Struts 2 (2.3.34), tiles 2.0.4
On 03/05/2018 11:57 AM, Adam Brin wrote:
> What are the annotations on the class? Is it possible that you're using
> Spring, and not declaring "prototype" scope. eg:
>
> @Scope("prototype")
>
> On Mon, Mar 5, 2018 at 10:49 AM, Yasser Zamani <yasserzam...@apache.org>
> wrote:
>
>>
>> On 3/5/2018 7:48 PM, Prasanth wrote:
>>> But the Login filter had the below lines to make sure forwarded requests
>> from /context1
>>> would work.
>>>
>>> request.setAttribute("struts.actionMapping", new ActionMapping());
>> Please let me discuss this line first of all. I'm still surprised how
>> context2 app works with this line! I expect you always get
>> ConfigurationException or get the result of the default action. Have you
>> set this filter pattern to being applied only on /Login.action? If so,
>> still you should get ConfigurationException or get the result of the
>> default action (is /Login.action default?). Or maybe you have put these
>> two lines in an if statement like if(request has these attributes){...}?
>> If not, then do this please; an if statement for each line.
>>
>> Could you please try `request.setAttribute("struts.actionMapping",
>> null)`? then post back the exception if any (I don't expect any). You
>> should set to null or remove the attribute. Any other code is wrong.
>>
>> Regards.
>>
>>
>
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
The filter is just for struts2. Struts1 is handled by servlet mapping. action *.do On 03/05/2018 11:52 PM, Lukasz Lenart wrote: > 2018-03-05 16:19 GMT+01:00 Prasanth Pasala <ppas...@pangburngroup.com>: >> Yeah, my url pattern is *.action as I do have some struts1 actions. > Does it mean you use the same filter to handle Struts 1 and Strut 2? > > > Regards
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
Yeah, my url pattern is *.action as I do have some struts1 actions.
struts2
*.action
REQUEST
FORWARD
On 03/05/2018 12:27 AM, Lukasz Lenart wrote:
> 2018-03-02 17:33 GMT+01:00 Prasanth <dbad...@pangburngroup.com>:
>> https://issues.apache.org/jira/projects/WW/issues/WW-4904
>>
>> Forwarded using request dispatcher.
>>
>> ServletContext sContext = context.getContext("/context2");
>> RequestDispatcher rd = sContext.getRequestDispatcher(resource);
>> rd.forward(request, response);
> Did you add FORWARD as below when configuring the Struts filter?
>
>
> struts
> /*
> REQUEST
> FORWARD
>
>
>
> Regards
Re: Struts2 login action class seems to be reused
Yes, login page is accessible always. Direct jsp access is not allowed, it has
to go through the actions. When a user requests /Login.action login jsp page is
displayed. When the user submits username
and password (Post to Login.action) the user is authenticated and home page is
displayed by Login.action. Since the same action handles both displaying login
page and validating, if the values are
already present (username, password, value of the button clicked) the action
will authenticate the user and display home page as it does this it will make a
database entry saying xyz user has logged in.
Actual Setup:
Application 1: /context1 --- User can login here and they will be forwarded
to context2. This application uses struts 2.5.14
Application 2: /context2 --- User can login directly in /context 2 (in which
case no forwarding). This application uses struts 2.3.34 for login and other
actions. There are few actions in struts1 also.
For replicating the issue I was directly accessing /context2/Login.action. So
/context1 was not used in testing. But the Login filter had the below lines to
make sure forwarded requests from /context1
would work.
request.setAttribute("struts.actionMapping", new ActionMapping());
request.setAttribute("struts.valueStack", null);
The request object type is io.undertow.servlet.spec.HttpServletRequestImpl
Thanks,
Prasanth
On 03/03/2018 04:14 AM, Yasser Zamani wrote:
> On 3/3/2018 12:37 AM, Prasanth Pasala wrote:
>> I was able to replicate the issue today. Asked few users to keep logging in
>> and ran jmeter to access login page, with out putting any username or
>> password. Out of the 100 attempts 2 attempts were
>> successful in getting in with out username/password. I am seeing database
>> login entries for these two. Which would happen only if a valid session is
>> not present and user has provided username/password.
> Shouldn't login page being accessible always? How do you try access
> login page, calling directly to jsp? Or action? How do you authenticate
> that access try, via session values? Via request parameters and querying
> database?
>
>> Not sure if the behavior is a side effect of having the below lines.
>>
>> request.setAttribute("struts.actionMapping", new
>> ActionMapping());
>> request.setAttribute("struts.valueStack", null);
> Not these lines but I guess you may also remove more things from
> forwarded request (e.g. session). Could you please print
> request.toString before these lines to see what type is it? Could you
> serialize request to a xml to see all values stored in that request?
> Anyway, like you, I also think this issue is because of forwarding the
> request from Struts1 to Struts2.
>
> Regards.
>
>
> -
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
>
Re: Fwd: Re: Struts2 login action class seems to be reused
Hi Norbert,
Struts1 actions are thread safe (no instance variables). The login
action has been moved to Struts2 with instance variables for username,
password and the issue is coming up with this new struts2 action. Which
is used for both displaying login page and also taking username/password
when the form is submitted.
Thanks,
Prasanth
On 3/2/2018 5:55 PM, Norbert Hirneisen wrote:
Hi Prasanth,
are you sure all your struts1 code is thread safe ? I had some similiar
problems in a struts1 application. After removing all action class
properties the problem was solved. Struts2 should be thread safe. But
your problems looks to me like a problem with thread safety.
Best regards,
Norbert
science + communication & HaNo Systems
Bonn/Ho-Chi-Minh
Am 02.03.2018 um 22:07 schrieb Prasanth Pasala:
I was able to replicate the issue today. Asked few users to keep
logging in and ran jmeter to access login page, with out putting any
username or password. Out of the 100 attempts 2 attempts were
successful in getting in with out username/password. I am seeing
database login entries for these two. Which would happen only if a
valid session is not present and user has provided username/password.
Thanks,
Prasanth
On 03/01/2018 02:27 PM, Prasanth wrote:
Hi,
I have an application which uses both struts1 & struts2. The login
action was recently moved to struts2. Immediately after the
deployment we were notified that one user is seeing a different user
information, so we had to move to older war files. I am not able to
replicate it. But after investigating the logs it seems like couple
users were logged in as soon as they requested the login page.
For the database entry to happen it has to verify the username and
password in the action class, but the fact that there is no POST
entry at that time from that IP in my access log makes me believe
that the action class some how already had that information from a
prior user.
I do have a login filter to check if users are logged in when
accessing other pages. In this filter I have the below two lines, we
had to do this as we will have requests forwarded from one
application to another and when that happens we are getting class
cast exception for ActionMapping class and valueStack. Not sure if
the behavior is a side effect of having the below lines.
request.setAttribute("struts.actionMapping", new
ActionMapping());
request.setAttribute("struts.valueStack", null);
We are using Struts 2.3.34 and Wildfly.
Appreciate any insights you might have.
Thanks,
Prasanth
-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
Re: Struts2 login action class seems to be reused
I was able to replicate the issue today. Asked few users to keep logging in and
ran jmeter to access login page, with out putting any username or password. Out
of the 100 attempts 2 attempts were
successful in getting in with out username/password. I am seeing database login
entries for these two. Which would happen only if a valid session is not
present and user has provided username/password.
Thanks,
Prasanth
On 03/01/2018 02:27 PM, Prasanth wrote:
> Hi,
>
> I have an application which uses both struts1 & struts2. The login action was
> recently moved to struts2. Immediately after the deployment we were notified
> that one user is seeing a different user
> information, so we had to move to older war files. I am not able to replicate
> it. But after investigating the logs it seems like couple users were logged
> in as soon as they requested the login page.
> For the database entry to happen it has to verify the username and password
> in the action class, but the fact that there is no POST entry at that time
> from that IP in my access log makes me believe
> that the action class some how already had that information from a prior user.
>
> I do have a login filter to check if users are logged in when accessing other
> pages. In this filter I have the below two lines, we had to do this as we
> will have requests forwarded from one
> application to another and when that happens we are getting class cast
> exception for ActionMapping class and valueStack. Not sure if the behavior is
> a side effect of having the below lines.
>
> request.setAttribute("struts.actionMapping", new
> ActionMapping());
> request.setAttribute("struts.valueStack", null);
>
> We are using Struts 2.3.34 and Wildfly.
>
> Appreciate any insights you might have.
>
> Thanks,
> Prasanth
>
>
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
https://issues.apache.org/jira/projects/WW/issues/WW-4904
Forwarded using request dispatcher.
ServletContext sContext = context.getContext("/context2");
RequestDispatcher rd = sContext.getRequestDispatcher(resource);
rd.forward(request, response);
Thanks,
Prasanth
On 03/02/2018 09:31 AM, Lukasz Lenart wrote:
> 2018-03-02 15:16 GMT+01:00 Prasanth <dbad...@pangburngroup.com>:
>> There are two applications on different contexts. Each have their own struts
>> jars. The exception happens when a request to one context is forwarded to
>> another context.
> What do you mean by "forwarded"?
>
>
> Regards
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
There are two applications on different contexts. Each have their own struts jars. The exception happens when a request to one context is forwarded to another context. Thanks, Prasanth On 03/02/2018 01:13 AM, Lukasz Lenart wrote: > 2018-03-01 20:20 GMT+01:00 Prasanth <dbad...@pangburngroup.com>: >> 13:17:52,070 ERROR [stderr] (default task-59) Caused by: >> java.lang.ClassCastException: com.opensymphony.xwork2.ognl.OgnlValueStack >> cannot be cast to com.opensymphony.xwork2.util.ValueStack > You have two the same JARs on a class path but in different versions > (probably xwork-core-*.jar) or JARs were loaded by different > classloaders which means some framework's JARs were included inside > Wildfly > > > Regards
Struts2 login action class seems to be reused
Hi,
I have an application which uses both struts1 & struts2. The login action was
recently moved to struts2. Immediately after the deployment we were notified
that one user is seeing a different user
information, so we had to move to older war files. I am not able to replicate
it. But after investigating the logs it seems like couple users were logged in
as soon as they requested the login page.
For the database entry to happen it has to verify the username and password in
the action class, but the fact that there is no POST entry at that time from
that IP in my access log makes me believe
that the action class some how already had that information from a prior user.
I do have a login filter to check if users are logged in when accessing other
pages. In this filter I have the below two lines, we had to do this as we will
have requests forwarded from one
application to another and when that happens we are getting class cast
exception for ActionMapping class and valueStack. Not sure if the behavior is a
side effect of having the below lines.
request.setAttribute("struts.actionMapping", new ActionMapping());
request.setAttribute("struts.valueStack", null);
We are using Struts 2.3.34 and Wildfly.
Appreciate any insights you might have.
Thanks,
Prasanth
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
Below is the exception you would get if the valueStack is not set to null.
Thanks,
Prasanth
13:17:52,070 ERROR [stderr] (default task-59) Caused by:
java.lang.ClassCastException: com.opensymphony.xwork2.ognl.OgnlValueStack
cannot be cast to com.opensymphony.xwork2.util.ValueStack
13:17:52,070 ERROR [stderr] (default task-59) at
org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:546)
13:17:52,070 ERROR [stderr] (default task-59) at
org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:81)
13:17:52,070 ERROR [stderr] (default task-59) at
org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:99)
13:17:52,070 ERROR [stderr] (default task-59) at
io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
13:17:52,071 ERROR [stderr] (default task-59) at
com.xxx.xx.LoginFilter.doFilter(LoginFilter.java:46)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:274)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchToPath(ServletInitialHandler.java:209)
13:17:52,071 ERROR [stderr] (default task-59) at
io.undertow.servlet.spec.RequestDispatcherImpl.forwardImpl(RequestDispatcherImpl.java:221)
13:17:52,071 ERROR [stderr] (default task-59) ... 128 more
On 03/01/2018 12:42 PM, Prasanth wrote:
> Sorry didn't check the website, I am not getting the emails to my inbox, will
> try to subscribe again. I will get back to you with the exception I was
> getting if you don't set the valueStack to
> null. Thanks, Prasanth
> -- [show/hide
> original text]
>
> Thank you very much for your time and report!
> [show/hide original text]
>
> Hmm... so how and why `request.setAttribute("struts.valueStack", null)`
> works.
>
> That's weird and so very important to me :)
>
> Could you please see what is the type of request when you receive it in
> your second context filter? e.g. println(request.getType()) before those
> your two lines (I could see myself but maybe it will be different from
> your one!)
>
> Thanks in advance!
>
>
> On 12/18/2017 11:03 AM, Prasanth Pasala wrote:
>> Added it to Struts JIRA (WW-4904) If I set the struts.actionMapping
>> attribute to null it still causes the class cast exception. What I have seen
>> is that after setting it to null if you call
>> getAttribute you would still get the old ActionMapping object, not sure how
>> that is possible. Thanks, Prasanth
>> ---
>> [show/hide
>> original text]
>> No it's not a Struts issue. You don't see this in Struts1 because maybe
>> it doesn't use any object bounded to dispatched request. But Struts2
>> wants to
>>
>> ActionMapping mapping =
>> (ActionMapping)request.getAttribute("struts.actionMapping");
>>
>> A workaround would be removing object with key "struts.actionMapping"
>> from request before dispatching.
>>
>> I hope this helps.
>>
>>
>> On 12/15/2017 04:54 PM, Prasanth Pasala wrote:
>>> Added the below two lines to my filter (before the struts2 filter) in
>>> context2 app. That seems to do the trick. Thought it might create a problem
>>> as I am settin
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
Sorry didn't check the website, I am not getting the emails to my inbox, will
try to subscribe again. I will get back to you with the exception I was
getting if you don't set the valueStack to null.
Thanks, Prasanth
-- [show/hide
original text]
Thank you very much for your time and report!
[show/hide original text]
Hmm... so how and why `request.setAttribute("struts.valueStack", null)`
works.
That's weird and so very important to me :)
Could you please see what is the type of request when you receive it in
your second context filter? e.g. println(request.getType()) before those
your two lines (I could see myself but maybe it will be different from
your one!)
Thanks in advance!
On 12/18/2017 11:03 AM, Prasanth Pasala wrote:
> Added it to Struts JIRA (WW-4904) If I set the struts.actionMapping attribute
> to null it still causes the class cast exception. What I have seen is that
> after setting it to null if you call
> getAttribute you would still get the old ActionMapping object, not sure how
> that is possible. Thanks, Prasanth
> ---
> [show/hide
> original text]
> No it's not a Struts issue. You don't see this in Struts1 because maybe
> it doesn't use any object bounded to dispatched request. But Struts2
> wants to
>
> ActionMapping mapping =
> (ActionMapping)request.getAttribute("struts.actionMapping");
>
> A workaround would be removing object with key "struts.actionMapping"
> from request before dispatching.
>
> I hope this helps.
>
>
> On 12/15/2017 04:54 PM, Prasanth Pasala wrote:
>> Added the below two lines to my filter (before the struts2 filter) in
>> context2 app. That seems to do the trick. Thought it might create a problem
>> as I am setting a new ActionMapping in the request,
>> but seems to work fine. Do you see any side effects of this?
>>
>> request.setAttribute("struts.actionMapping", new ActionMapping());
>> request.setAttribute("struts.valueStack", null);
>>
>> Thanks,
>> Prasanth
>>
>> On 12/15/2017 04:10 PM, Prasanth Pasala wrote:
>>> It seems like removeAttribute or setAttribute is not getting rid of the
>>> attribute from request. See below. If I set the value to a random string
>>> then I get a String can't be cast to ActionMapping
>>> exception.
>>>
>>> Enumeration attrs = request.getAttributeNames();
>>> while(attrs.hasMoreElements()) {
>>> System.out.println(attrs.nextElement());
>>> }
>>> System.out.println(request.getAttribute("struts.actionMapping"));
>>> request.setAttribute("struts.actionMapping", null);
>>> System.out.println(request.getAttribute("struts.actionMapping"));
>>>
>>> Output:
>>> 16:05:05,300 INFO [stdout] (default task-13)
>>> javax.servlet.forward.context_path
>>> 16:05:05,302 INFO [stdout] (default task-13)
>>> javax.servlet.forward.servlet_path
>>> 16:05:05,303 INFO [stdout] (default task-13)
>>> javax.servlet.forward.request_uri
>>> 16:05:05,303 INFO [stdout] (default task-13)
>>> javax.servlet.forward.path_info
>>> 16:05:05,303 INFO [stdout] (default task-13)
>>> javax.servlet.forward.query_string
>>> 16:05:05,303 INFO [stdout] (default task-13) javax.servlet.request.key_size
>>> 16:05:05,303 INFO [stdout] (default task-13) __cleanup_recursion_counter
>>> 16:05:05,303 INFO [stdout] (default task-13)
>>> javax.servlet.request.cipher_suite
>>> 16:05:05,304 INFO [stdout] (default task-13) struts.valueStack
>>> 16:05:05,308 INFO [stdout] (default task-13)
>>> javax.servlet.request.ssl_session_id
>>> 16:05:09,121 INFO [stdout] (default task-13) ActionMapping{name='Login',
>>> namespace='/', method='null', extension='action', params=null, result=null}
>>> 16:05:10,960 INFO [stdout] (default task-13) ActionMapping{name='Login',
>>> namespace='/', method='null', extension='action', params=null, result=null}
>>>
>>>
>>> On 12/15/2017 02:28 PM, Prasanth Pasala wrote:
>>>> Thanks for the prompt response. Tried removing the attribute from the
>>>> request, but still getting the class cast exception. Is it possible it is
>>>> being set after I have called the forward?
>>>> request.removeAttribute("struts.actionMapping"); // FORWARD THE
>>>> REQUEST
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
Added it to Struts JIRA (WW-4904) If I set the struts.actionMapping attribute
to null it still causes the class cast exception. What I have seen is that
after setting it to null if you call
getAttribute you would still get the old ActionMapping object, not sure how
that is possible. Thanks, Prasanth
---
[show/hide
original text]
No it's not a Struts issue. You don't see this in Struts1 because maybe
it doesn't use any object bounded to dispatched request. But Struts2
wants to
ActionMapping mapping =
(ActionMapping)request.getAttribute("struts.actionMapping");
A workaround would be removing object with key "struts.actionMapping"
from request before dispatching.
I hope this helps.
On 12/15/2017 04:54 PM, Prasanth Pasala wrote:
> Added the below two lines to my filter (before the struts2 filter) in
> context2 app. That seems to do the trick. Thought it might create a problem
> as I am setting a new ActionMapping in the request,
> but seems to work fine. Do you see any side effects of this?
>
> request.setAttribute("struts.actionMapping", new ActionMapping());
> request.setAttribute("struts.valueStack", null);
>
> Thanks,
> Prasanth
>
> On 12/15/2017 04:10 PM, Prasanth Pasala wrote:
>> It seems like removeAttribute or setAttribute is not getting rid of the
>> attribute from request. See below. If I set the value to a random string
>> then I get a String can't be cast to ActionMapping
>> exception.
>>
>> Enumeration attrs = request.getAttributeNames();
>> while(attrs.hasMoreElements()) {
>> System.out.println(attrs.nextElement());
>> }
>> System.out.println(request.getAttribute("struts.actionMapping"));
>> request.setAttribute("struts.actionMapping", null);
>> System.out.println(request.getAttribute("struts.actionMapping"));
>>
>> Output:
>> 16:05:05,300 INFO [stdout] (default task-13)
>> javax.servlet.forward.context_path
>> 16:05:05,302 INFO [stdout] (default task-13)
>> javax.servlet.forward.servlet_path
>> 16:05:05,303 INFO [stdout] (default task-13)
>> javax.servlet.forward.request_uri
>> 16:05:05,303 INFO [stdout] (default task-13) javax.servlet.forward.path_info
>> 16:05:05,303 INFO [stdout] (default task-13)
>> javax.servlet.forward.query_string
>> 16:05:05,303 INFO [stdout] (default task-13) javax.servlet.request.key_size
>> 16:05:05,303 INFO [stdout] (default task-13) __cleanup_recursion_counter
>> 16:05:05,303 INFO [stdout] (default task-13)
>> javax.servlet.request.cipher_suite
>> 16:05:05,304 INFO [stdout] (default task-13) struts.valueStack
>> 16:05:05,308 INFO [stdout] (default task-13)
>> javax.servlet.request.ssl_session_id
>> 16:05:09,121 INFO [stdout] (default task-13) ActionMapping{name='Login',
>> namespace='/', method='null', extension='action', params=null, result=null}
>> 16:05:10,960 INFO [stdout] (default task-13) ActionMapping{name='Login',
>> namespace='/', method='null', extension='action', params=null, result=null}
>>
>>
>> On 12/15/2017 02:28 PM, Prasanth Pasala wrote:
>>> Thanks for the prompt response. Tried removing the attribute from the
>>> request, but still getting the class cast exception. Is it possible it is
>>> being set after I have called the forward?
>>> request.removeAttribute("struts.actionMapping"); // FORWARD THE REQUEST
>>> ServletContext sContext = context.getContext("/context2");
>>> RequestDispatcher rd =
>>> sContext.getRequestDispatcher("/Login.action"); rd.forward(request,
>>> response); [show/hide original text]
>>> No it's not a Struts issue. You don't see this in Struts1 because maybe
>>> it doesn't use any object bounded to dispatched request. But Struts2
>>> wants to
>>>
>>> ActionMapping mapping =
>>> (ActionMapping)request.getAttribute("struts.actionMapping");
>>>
>>> A workaround would be removing object with key "struts.actionMapping"
>>> from request before dispatching.
>>>
>>> I hope this helps.
>>>
>>> -
>>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>>> For additional commands, e-mail: user-h...@struts.apache.org
>>
>
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
Added the below two lines to my filter (before the struts2 filter) in context2
app. That seems to do the trick. Thought it might create a problem as I am
setting a new ActionMapping in the request,
but seems to work fine. Do you see any side effects of this?
request.setAttribute("struts.actionMapping", new ActionMapping());
request.setAttribute("struts.valueStack", null);
Thanks,
Prasanth
On 12/15/2017 04:10 PM, Prasanth Pasala wrote:
> It seems like removeAttribute or setAttribute is not getting rid of the
> attribute from request. See below. If I set the value to a random string then
> I get a String can't be cast to ActionMapping
> exception.
>
> Enumeration attrs = request.getAttributeNames();
> while(attrs.hasMoreElements()) {
> System.out.println(attrs.nextElement());
> }
> System.out.println(request.getAttribute("struts.actionMapping"));
> request.setAttribute("struts.actionMapping", null);
> System.out.println(request.getAttribute("struts.actionMapping"));
>
> Output:
> 16:05:05,300 INFO [stdout] (default task-13)
> javax.servlet.forward.context_path
> 16:05:05,302 INFO [stdout] (default task-13)
> javax.servlet.forward.servlet_path
> 16:05:05,303 INFO [stdout] (default task-13)
> javax.servlet.forward.request_uri
> 16:05:05,303 INFO [stdout] (default task-13) javax.servlet.forward.path_info
> 16:05:05,303 INFO [stdout] (default task-13)
> javax.servlet.forward.query_string
> 16:05:05,303 INFO [stdout] (default task-13) javax.servlet.request.key_size
> 16:05:05,303 INFO [stdout] (default task-13) __cleanup_recursion_counter
> 16:05:05,303 INFO [stdout] (default task-13)
> javax.servlet.request.cipher_suite
> 16:05:05,304 INFO [stdout] (default task-13) struts.valueStack
> 16:05:05,308 INFO [stdout] (default task-13)
> javax.servlet.request.ssl_session_id
> 16:05:09,121 INFO [stdout] (default task-13) ActionMapping{name='Login',
> namespace='/', method='null', extension='action', params=null, result=null}
> 16:05:10,960 INFO [stdout] (default task-13) ActionMapping{name='Login',
> namespace='/', method='null', extension='action', params=null, result=null}
>
>
> On 12/15/2017 02:28 PM, Prasanth Pasala wrote:
>> Thanks for the prompt response. Tried removing the attribute from the
>> request, but still getting the class cast exception. Is it possible it is
>> being set after I have called the forward?
>> request.removeAttribute("struts.actionMapping"); // FORWARD THE REQUEST
>> ServletContext sContext = context.getContext("/context2");
>> RequestDispatcher rd =
>> sContext.getRequestDispatcher("/Login.action"); rd.forward(request,
>> response); [show/hide original text]
>> No it's not a Struts issue. You don't see this in Struts1 because maybe
>> it doesn't use any object bounded to dispatched request. But Struts2
>> wants to
>>
>> ActionMapping mapping =
>> (ActionMapping)request.getAttribute("struts.actionMapping");
>>
>> A workaround would be removing object with key "struts.actionMapping"
>> from request before dispatching.
>>
>> I hope this helps.
>>
>> -
>> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
>> For additional commands, e-mail: user-h...@struts.apache.org
>
Re: Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
It seems like removeAttribute or setAttribute is not getting rid of the
attribute from request. See below. If I set the value to a random string then I
get a String can't be cast to ActionMapping
exception.
Enumeration attrs = request.getAttributeNames();
while(attrs.hasMoreElements()) {
System.out.println(attrs.nextElement());
}
System.out.println(request.getAttribute("struts.actionMapping"));
request.setAttribute("struts.actionMapping", null);
System.out.println(request.getAttribute("struts.actionMapping"));
Output:
16:05:05,300 INFO [stdout] (default task-13) javax.servlet.forward.context_path
16:05:05,302 INFO [stdout] (default task-13) javax.servlet.forward.servlet_path
16:05:05,303 INFO [stdout] (default task-13) javax.servlet.forward.request_uri
16:05:05,303 INFO [stdout] (default task-13) javax.servlet.forward.path_info
16:05:05,303 INFO [stdout] (default task-13) javax.servlet.forward.query_string
16:05:05,303 INFO [stdout] (default task-13) javax.servlet.request.key_size
16:05:05,303 INFO [stdout] (default task-13) __cleanup_recursion_counter
16:05:05,303 INFO [stdout] (default task-13) javax.servlet.request.cipher_suite
16:05:05,304 INFO [stdout] (default task-13) struts.valueStack
16:05:05,308 INFO [stdout] (default task-13)
javax.servlet.request.ssl_session_id
16:05:09,121 INFO [stdout] (default task-13) ActionMapping{name='Login',
namespace='/', method='null', extension='action', params=null, result=null}
16:05:10,960 INFO [stdout] (default task-13) ActionMapping{name='Login',
namespace='/', method='null', extension='action', params=null, result=null}
On 12/15/2017 02:28 PM, Prasanth Pasala wrote:
> Thanks for the prompt response. Tried removing the attribute from the
> request, but still getting the class cast exception. Is it possible it is
> being set after I have called the forward?
> request.removeAttribute("struts.actionMapping"); // FORWARD THE REQUEST
> ServletContext sContext = context.getContext("/context2");
> RequestDispatcher rd =
> sContext.getRequestDispatcher("/Login.action"); rd.forward(request,
> response); [show/hide original text]
> No it's not a Struts issue. You don't see this in Struts1 because maybe
> it doesn't use any object bounded to dispatched request. But Struts2
> wants to
>
> ActionMapping mapping =
> (ActionMapping)request.getAttribute("struts.actionMapping");
>
> A workaround would be removing object with key "struts.actionMapping"
> from request before dispatching.
>
> I hope this helps.
>
> -
> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
> For additional commands, e-mail: user-h...@struts.apache.org
Re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
Thanks for the prompt response. Tried removing the attribute from the request,
but still getting the class cast exception. Is it possible it is being set
after I have called the forward?
request.removeAttribute("struts.actionMapping"); // FORWARD THE REQUEST
ServletContext sContext = context.getContext("/context2");
RequestDispatcher rd =
sContext.getRequestDispatcher("/Login.action"); rd.forward(request,
response); [show/hide original text]
No it's not a Struts issue. You don't see this in Struts1 because maybe
it doesn't use any object bounded to dispatched request. But Struts2
wants to
ActionMapping mapping =
(ActionMapping)request.getAttribute("struts.actionMapping");
A workaround would be removing object with key "struts.actionMapping"
from request before dispatching.
I hope this helps.
-
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
Yes, dispatching request to another struts application. I am using Wildfly which does use different class loaders. Is this issue just with Struts2, as it works with Struts1. Thanks, Prasanth -- ... do you try to dispatch request to another Struts application? I remember e.g. for Tomcat, it uses different classloaders for each app. I think you can ask and continue with your container (e.g. Tomcat, Jetty, WebSphere, etc) for a solution. Regards.
re: java.lang.ClassCastException:, org.apache.struts2.dispatcher.mapper.ActionMapping
We have the struts jars in the individual wars. I was actually thinking of putting it in server lib to see if that would solve the problem. Thanks, Prasanth * From: *<c...@bmw.de> *Subject: *re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping *Date: *2017-12-15 02:20 *List: *user@struts.apache.org <https://lists.apache.org/list.html?user@struts.apache.org> [show/hide original text] This usually happens when struts jar is included in application server's lib directory. Regards, Christoph
re: java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
Yes, dispatching request to another struts application. I am using Wildfly which does use different class loaders. Is this issue just with Struts2, as it works with Struts1. Thanks, Prasanth -- ... do you try to dispatch request to another Struts application? I remember e.g. for Tomcat, it uses different classloaders for each app. I think you can ask and continue with your container (e.g. Tomcat, Jetty, WebSphere, etc) for a solution. Regards.
java.lang.ClassCastException: org.apache.struts2.dispatcher.mapper.ActionMapping
Hi,
I am trying to forward the request to another action that is present in a
different context. It works in struts1 but when trying in struts 2.3.34 I am
getting a class cast exception. Both the projects
(contexts) have the same version of struts2.
ServletContext sContext = context.getContext("/context2");
RequestDispatcher rd = sContext.getRequestDispatcher(resource);
rd.forward(request, response);
Thanks,
Prasanth
Exception: java.lang.RuntimeException: java.lang.RuntimeException:
java.lang.ClassCastException:
org.apache.struts2.dispatcher.mapper.ActionMapping cannot be cast to
org.apache.struts2.dispatcher.mapper.ActionMapping
at
io.undertow.servlet.spec.ServletContextImpl.invokeAction(ServletContextImpl.java:888
at
io.undertow.servlet.spec.RequestDispatcherImpl.forwardImplSetup(RequestDispatcherImpl.java:134
at
io.undertow.servlet.spec.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:111
at com.mypackage.LoginAction.execute(LoginAction.java:139
at
sun.reflect.NativeMethodAccessorImpl.invoke0(NativeMethodAccessorImpl.java:-2
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43
at java.lang.reflect.Method.invoke(Method.java:498
at ognl.OgnlRuntime.invokeMethod(OgnlRuntime.java:897
at ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:1299
at ognl.ObjectMethodAccessor.callMethod(ObjectMethodAccessor.java:68
at
com.opensymphony.xwork2.ognl.accessor.XWorkMethodAccessor.callMethodWithDebugInfo(XWorkMethodAccessor.java:117
at
com.opensymphony.xwork2.ognl.accessor.XWorkMethodAccessor.callMethod(XWorkMethodAccessor.java:108
at ognl.OgnlRuntime.callMethod(OgnlRuntime.java:1375
at ognl.ASTMethod.getValueBody(ASTMethod.java:91
at ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:212
at ognl.SimpleNode.getValue(SimpleNode.java:258
at ognl.Ognl.getValue(Ognl.java:470
at ognl.Ognl.getValue(Ognl.java:434
at com.opensymphony.xwork2.ognl.OgnlUtil$3.execute(OgnlUtil.java:362
at
com.opensymphony.xwork2.ognl.OgnlUtil.compileAndExecuteMethod(OgnlUtil.java:414
at com.opensymphony.xwork2.ognl.OgnlUtil.callMethod(OgnlUtil.java:360
at
com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:430
at
com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:290
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:251
at
org.apache.struts2.interceptor.DeprecationInterceptor.intercept(DeprecationInterceptor.java:41
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245
at
org.apache.struts2.interceptor.debugging.DebuggingInterceptor.intercept(DebuggingInterceptor.java:256
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245
at
com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:168
at
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245
at
com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:265
at
org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:76
at
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245
at
com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.intercept(ConversionErrorInterceptor.java:138
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245
at
com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:229
at
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245
at
com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:229
at
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245
at
com.opensymphony.xwork2.interceptor.StaticParametersInterceptor.intercept(StaticParametersInterceptor.java:191
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:245
at
org.apache.struts2.interceptor.MultiselectInterceptor.intercept(MultiselectInterceptor.java:73
at
com.opensymphony.xwork2.DefaultActionInvocat
logic:iterate not populating the values on submit
Hi, I need a urgent help. Could someone respond to http://saloon.javaranch.com/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topicf=58t=015067 regards Prasanth
