commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lukasz Lenart (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (OGNL-255) Reflection issue with google app engine and OGNL 3.1.2
Date Mon, 18 Apr 2016 05:09:25 GMT

    [ https://issues.apache.org/jira/browse/OGNL-255?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15245146#comment-15245146
] 

Lukasz Lenart commented on OGNL-255:
------------------------------------

I think setting {{OgnlRuntime.setSecurityManager(null)}} is the only proper solution, read
this https://struts.apache.org/docs/google-app-engine-gae.html

> Reflection issue with google app engine and OGNL 3.1.2
> ------------------------------------------------------
>
>                 Key: OGNL-255
>                 URL: https://issues.apache.org/jira/browse/OGNL-255
>             Project: Commons OGNL
>          Issue Type: Bug
>    Affects Versions: 3.1.2
>         Environment: Google App Engine (or Google App Engine Dev Server)
>            Reporter: Cornelius Mund
>
> When accessing a function directly from a thymeleaf template via ognl a IllegalAccessException
is thrown even though the function is public.
> I've put together a sample application so you can reproduce the error:
> https://github.com/cornim/TLBugExample.git
> Please also note the following:
> If the function is accessed via the property (i.e. ${item.name} instead of ${item.getName()})
no exception is thrown.
> Also, if one sets OgnlRuntime.setSecurityManager(null); (see CtxListener.java) direct
function access via ognl starts working, but that doesn't seem to be a sensible solution.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message