struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lukasz Lenart <lukaszlen...@apache.org>
Subject Re: OGNL Exception after upgrading from 2.3.4 to 2.3.14
Date Thu, 16 May 2013 13:29:08 GMT
And the same here, JIRA issue related to this problem

https://issues.apache.org/jira/browse/WW-4066


Regards
-- 
Łukasz
+ 48 606 323 122 http://www.lenart.org.pl/



2013/5/10 CRANFORD, CHRIS <Chris.Cranford@setech.com>:
> We tried each release since 2.3.4 and all of them behave precisely the same way regarding
these forms.
>
> The only way we could get 2.3.14 (which is what we are testing) to work was disable devmode
and all functionality worked without ognl exceptions and LocalizedTextUtil class exceptions
and -1 out of bounds errors.
> Sent from my Verizon Wireless BlackBerry
>
> -----Original Message-----
> From: Lukasz Lenart <lukaszlenart@apache.org>
> Date: Fri, 10 May 2013 06:51:52
> To: Struts Users Mailing List<user@struts.apache.org>
> Reply-To: Struts Users Mailing List <user@struts.apache.org>
> Subject: Re: OGNL Exception after upgrading from 2.3.4 to 2.3.14
>
> Thanks Chris!
>
> There was a security release between - 2.3.4.1 - have you tried it?
>
>
> Regards
> --
> Łukasz
> + 48 606 323 122 http://www.lenart.org.pl/
>
> 2013/5/8 CRANFORD, CHRIS <Chris.Cranford@setech.com>:
>> After some final digging, this appears to only surface in devMode=true on builds
2.3.12 and 2.3.14 regarding ParametersInterceptor.java:329.  If this was related to the security
fix for parameter names, wouldn't the exception/problem occur in both devMode and non-devMode?
 I'm confused as to what is the culprit here.
>>
>> -----Original Message-----
>> From: CRANFORD, CHRIS [mailto:Chris.Cranford@setech.com]
>> Sent: Wednesday, May 08, 2013 9:25 AM
>> To: Struts Users Mailing List
>> Subject: OGNL Exception after upgrading from 2.3.4 to 2.3.14
>>
>> We have several forms in our Struts2 application that pass values to the action like
the following:
>>
>>   <s:textfield name="items[0]" size="30" maxlength="100" />
>>   <s:textfield name="items[1]" size="30" maxlength="100" />
>>   <s:textfield name="items[2]" size='30" maxlength="100" />
>>
>> This worked beautifully prior to the upgrade but now I get the following OGNL exception:
>>
>> Unexpected Exception caught setting 'items[0]' on 'class com.setech.dw.inventory.web.ItemSearchAction:
Error setting expression 'items[0]' with value '[Ljava.lang.String;@738b650c'
>> File: OgnlRuntime.java
>> Method: setProperty
>> Line: 2326 - ognl/OgnlRuntime.java:2326:-1
>>        at com.opensymphony.xwork2.ognl.OgnlValueStack.handleOgnlException(OgnlValueStack.java:215)
>>        at com.opensymphony.xwork2.ognl.OgnlValueStack.setValue(OgnlValueStack.java:176)
>>        at com.opensymphony.xwork2.ognl.OgnlValueStack.setParameter(OgnlValueStack.java:152)
>>        at com.opensymphony.xwork2.interceptor.ParametersInterceptor.setParameters(ParametersInterceptor.java:329)
>>        at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:241)
>>        at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at org.apache.struts2.interceptor.MultiselectInterceptor.intercept(MultiselectInterceptor.java:73)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at org.apache.struts2.interceptor.CheckboxInterceptor.intercept(CheckboxInterceptor.java:91)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.opensymphony.xwork2.interceptor.I18nInterceptor.intercept(I18nInterceptor.java:176)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.opensymphony.xwork2.interceptor.AliasInterceptor.intercept(AliasInterceptor.java:193)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor.intercept(ExceptionMappingInterceptor.java:187)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.setech.dw.common.web.interceptors.LocaleContextInterceptor.intercept(LocaleContextInterceptor.java:43)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.opensymphony.xwork2.interceptor.I18nInterceptor.intercept(I18nInterceptor.java:176)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.setech.dw.common.web.interceptors.MenuInterceptor.intercept(MenuInterceptor.java:58)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.setech.dw.common.web.interceptors.AuditInterceptor.intercept(AuditInterceptor.java:81)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.setech.dw.common.web.interceptors.TimerInterceptor.intercept(TimerInterceptor.java:141)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.setech.dw.common.web.interceptors.SiteOverrideInterceptor.intercept(SiteOverrideInterceptor.java:63)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.setech.dw.common.web.interceptors.LoggingInterceptor.intercept(LoggingInterceptor.java:88)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at com.setech.dw.common.web.interceptors.SeekExceptionInterceptor.intercept(SeekExceptionInterceptor.java:48)
>>        at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:246)
>>        at org.apache.struts2.impl.StrutsActionProxy.execute(StrutsActionProxy.java:54)
>>        at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:546)
>>        at org.apache.struts2.dispatcher.ng.ExecuteOperations.executeAction(ExecuteOperations.java:77)
>>        at org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:91)
>>        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
>>        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
>>        at org.displaytag.filter.ResponseOverrideFilter.doFilter(ResponseOverrideFilter.java:125)
>>        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
>>        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>>        at com.setech.dw.security.filter.ChangePasswordFilter.doFilterInternal(ChangePasswordFilter.java:105)
>>        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.authentication.switchuser.SwitchUserFilter.doFilter(SwitchUserFilter.java:181)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
>>        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
>>        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
>>        at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
>>        at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
>>        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
>>        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
>>        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
>>        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
>>        at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
>>        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>>        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
>>        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
>>        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
>>        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
>>        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
>>        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
>>        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
>>        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
>>        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
>>        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
>>        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
>>        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
>>        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:1822)
>>        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>>        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>>        at java.lang.Thread.run(Thread.java:722)
>> Caused by: ognl.OgnlException: target is null for setProperty(null, "0", [Ljava.lang.String;@738b650c)
>>        at ognl.OgnlRuntime.setProperty(OgnlRuntime.java:2326)
>>        at ognl.ASTProperty.setValueBody(ASTProperty.java:127)
>>        at ognl.SimpleNode.evaluateSetValueBody(SimpleNode.java:220)
>>        at ognl.SimpleNode.setValue(SimpleNode.java:301)
>>        at ognl.ASTChain.setValueBody(ASTChain.java:227)
>>        at ognl.SimpleNode.evaluateSetValueBody(SimpleNode.java:220)
>>        at ognl.SimpleNode.setValue(SimpleNode.java:301)
>>        at ognl.Ognl.setValue(Ognl.java:737)
>>        at com.opensymphony.xwork2.ognl.OgnlUtil.setValue(OgnlUtil.java:224)
>>        at com.opensymphony.xwork2.ognl.OgnlValueStack.trySetValue(OgnlValueStack.java:187)
>>        at com.opensymphony.xwork2.ognl.OgnlValueStack.setValue(OgnlValueStack.java:174)
>>        ... 91 more
>>
>> The action doesn't allocate memory for the List<String> property and never
has.
>> Is there something I may have missed that I need to change from upgrading from 2.3.4
to 2.3.14?
>>
>> Thanks,
>> Chris
>>
>>
>> Email secured by Check Point
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> For additional commands, e-mail: user-help@struts.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
> Email secured by Check Point

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message