Return-Path: X-Original-To: apmail-commons-issues-archive@minotaur.apache.org Delivered-To: apmail-commons-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B530B9B1F for ; Tue, 31 Jan 2012 16:47:35 +0000 (UTC) Received: (qmail 70708 invoked by uid 500); 31 Jan 2012 16:47:33 -0000 Delivered-To: apmail-commons-issues-archive@commons.apache.org Received: (qmail 70491 invoked by uid 500); 31 Jan 2012 16:47:32 -0000 Mailing-List: contact issues-help@commons.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: issues@commons.apache.org Delivered-To: mailing list issues@commons.apache.org Received: (qmail 70476 invoked by uid 99); 31 Jan 2012 16:47:32 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 31 Jan 2012 16:47:32 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED,T_RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 31 Jan 2012 16:47:30 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id 59BED181DE0 for ; Tue, 31 Jan 2012 16:47:10 +0000 (UTC) Date: Tue, 31 Jan 2012 16:47:10 +0000 (UTC) From: "Maurizio Cucchiara (Commented) (JIRA)" To: issues@commons.apache.org Message-ID: <1649034648.12004.1328028430369.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <487448068.72565.1327427680437.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Commented] (OGNL-47) Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security manager MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/OGNL-47?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13197010#comment-13197010 ] Maurizio Cucchiara commented on OGNL-47: ---------------------------------------- Be aware that the 3.0.4 version of OGNL is not Commons OGNL. The old OGNL version is deprecated and will be replaced with the commons one ASAP. So, again, the question is: is there a way to reproduce the issue, such that I can test if it affects the Commons version of OGNL? > Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security manager > -------------------------------------------------------------------------------------- > > Key: OGNL-47 > URL: https://issues.apache.org/jira/browse/OGNL-47 > Project: Commons OGNL > Issue Type: Bug > Reporter: kesava > Priority: Blocker > > Unable to use Struts 2.3.1.2 application with OGNL 3.0.4 by enabling security manager > Steps to reproduce > 1.Enable security manager > 2.Load the app > {noformat} > Caught an Ognl exception while getting property serviceProviders - Class: ognl.ObjectPropertyAccessor > File: ObjectPropertyAccessor.java > Method: getPossibleProperty > Line: 69 - ognl/ObjectPropertyAccessor.java:69:-1 > at com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor.getProperty(CompoundRootAccessor.java:142) > at ognl.OgnlRuntime.getProperty(OgnlRuntime.java:2303) > at ognl.ASTProperty.getValueBody(ASTProperty.java:114) > at ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:212) > at ognl.SimpleNode.getValue(SimpleNode.java:258) > at ognl.Ognl.getValue(Ognl.java:494) > at ognl.Ognl.getValue(Ognl.java:458) > at com.opensymphony.xwork2.ognl.OgnlUtil.getValue(OgnlUtil.java:213) > at com.opensymphony.xwork2.ognl.OgnlValueStack.getValueUsingOgnl(OgnlValueStack.java:277) > at com.opensymphony.xwork2.ognl.OgnlValueStack.tryFindValue(OgnlValueStack.java:260) > at com.opensymphony.xwork2.ognl.OgnlValueStack.tryFindValueWhenExpressionIsNotNull(OgnlValueStack.java:242) > at com.opensymphony.xwork2.ognl.OgnlValueStack.findValue(OgnlValueStack.java:222) > at com.opensymphony.xwork2.ognl.OgnlValueStack.findValue(OgnlValueStack.java:284) > at org.apache.struts2.views.velocity.StrutsVelocityContext.internalGet(StrutsVelocityContext.java:91) > at org.apache.velocity.context.AbstractContext.get(AbstractContext.java:193) > at org.apache.velocity.context.InternalContextAdapterImpl.get(InternalContextAdapterImpl.java:286) > at org.apache.velocity.runtime.parser.node.ASTReference.getVariableValue(ASTReference.java:843) > at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:222) > at org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:507) > at org.apache.velocity.runtime.parser.node.ASTExpression.value(ASTExpression.java:71) > at org.apache.velocity.runtime.parser.node.ASTSetDirective.render(ASTSetDirective.java:142) > at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336) > at org.apache.velocity.runtime.directive.Parse.render(Parse.java:263) > at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) > at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336) > at org.apache.velocity.runtime.directive.Parse.render(Parse.java:263) > at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:175) > at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:336) > at org.apache.velocity.Template.merge(Template.java:328) > at org.apache.velocity.Template.merge(Template.java:235) > at org.apache.struts2.dispatcher.VelocityResult.doExecute(VelocityResult.java:156) > at org.apache.struts2.dispatcher.StrutsResultSupport.execute(StrutsResultSupport.java:186) > at com.opensymphony.xwork2.DefaultActionInvocation.executeResult(DefaultActionInvocation.java:374) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:278) > at com.sony.sce.producttool.web.CacheFlushFilterInterceptor$2.call(CacheFlushFilterInterceptor.java:69) > at com.sony.sce.producttool.web.CacheFlushFilterInterceptor$2.call(CacheFlushFilterInterceptor.java:1) > at com.sony.sce.producttool.web.CacheFlushFilterInterceptor.callWithHandling(CacheFlushFilterInterceptor.java:79) > at com.sony.sce.producttool.web.CacheFlushFilterInterceptor.intercept(CacheFlushFilterInterceptor.java:67) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.opensymphony.xwork2.interceptor.ChainingInterceptor.intercept(ChainingInterceptor.java:145) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:176) > at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at org.apache.struts2.interceptor.MessageStoreInterceptor.intercept(MessageStoreInterceptor.java:194) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:265) > at org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:68) > at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor.intercept(ModelDrivenInterceptor.java:100) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.sony.sce.producttool.web.interceptor.EntityActionInterceptor.intercept(EntityActionInterceptor.java:32) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.sony.sce.producttool.web.interceptor.RolesSecurityInterceptor.intercept(RolesSecurityInterceptor.java:118) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:211) > at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.opensymphony.xwork2.interceptor.PrepareInterceptor.doIntercept(PrepareInterceptor.java:171) > at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:211) > at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.opensymphony.xwork2.interceptor.StaticParametersInterceptor.intercept(StaticParametersInterceptor.java:190) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.sony.sce.producttool.exception.ExceptionWrapperInterceptor.intercept(ExceptionWrapperInterceptor.java:29) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at com.sony.sce.producttool.web.interceptor.HibernateValidationResponseInterceptor.intercept(HibernateValidationResponseInterceptor.java:64) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at org.apache.struts2.interceptor.FileUploadInterceptor.intercept(FileUploadInterceptor.java:243) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at org.apache.struts2.interceptor.ServletConfigInterceptor.intercept(ServletConfigInterceptor.java:164) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at org.apache.struts2.interceptor.CookieInterceptor.intercept(CookieInterceptor.java:240) > at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) > at org.apache.struts2.impl.StrutsActionProxy.execute(StrutsActionProxy.java:54) > at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:510) > at org.apache.struts2.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:434) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) > at sun.reflect.GeneratedMethodAccessor69.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:129) > at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77) > at sun.reflect.GeneratedMethodAccessor68.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at org.apache.struts2.dispatcher.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:102) > at sun.reflect.GeneratedMethodAccessor67.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:369) > at com.sony.sce.producttool.web.Log4jMDCFilter.doFilter(Log4jMDCFilter.java:71) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381) > at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109) > at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381) > at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381) > at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381) > at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381) > at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:381) > at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:168) > at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) > at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) > at sun.reflect.GeneratedMethodAccessor64.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at com.sony.snei.common.security.SessionIpBindingFilter.doFilter(SessionIpBindingFilter.java:114) > at sun.reflect.GeneratedMethodAccessor63.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at com.sony.soe.platform.common.web.i18n.LocaleFilter.doFilter(LocaleFilter.java:96) > at sun.reflect.GeneratedMethodAccessor62.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at com.sony.sce.producttool.util.hibernate.BaseTransactionInViewFilter.doFilter(BaseTransactionInViewFilter.java:83) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at com.sony.sce.producttool.util.hibernate.OpenLocalSessionInViewFilter.doFilter(OpenLocalSessionInViewFilter.java:106) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at com.sony.sce.producttool.web.ResponseHeaderFilter.doFilter(ResponseHeaderFilter.java:50) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at com.sony.soe.platform.common.web.i18n.UTF8Filter.doFilter(UTF8Filter.java:22) > at sun.reflect.GeneratedMethodAccessor66.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAsPrivileged(Subject.java:517) > at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) > at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:218) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:210) > at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:52) > at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:171) > at java.security.AccessController.doPrivileged(Native Method) > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:167) > at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) > at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172) > at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:581) > at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) > at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174) > at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:879) > at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665) > at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528) > at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81) > at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689) > at java.lang.Thread.run(Thread.java:662) > Caused by: ognl.OgnlException: serviceProviders [java.lang.NullPointerException: permission can't be null] > at ognl.ObjectPropertyAccessor.getPossibleProperty(ObjectPropertyAccessor.java:69) > at ognl.ObjectPropertyAccessor.getProperty(ObjectPropertyAccessor.java:147) > at com.opensymphony.xwork2.ognl.accessor.ObjectAccessor.getProperty(ObjectAccessor.java:17) > at ognl.OgnlRuntime.getProperty(OgnlRuntime.java:2303) > at com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor.getProperty(CompoundRootAccessor.java:137) > ... 266 more > Caused by: java.lang.NullPointerException: permission can't be null > at java.security.AccessController.checkPermission(AccessController.java:517) > at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) > at ognl.OgnlRuntime.invokeMethod(OgnlRuntime.java:834) > at ognl.OgnlRuntime.getMethodValue(OgnlRuntime.java:1441) > at ognl.ObjectPropertyAccessor.getPossibleProperty(ObjectPropertyAccessor.java:60) > ... 270 more > {noformat} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira