Uploaded image for project: 'Commons OGNL (Dormant)'
  1. Commons OGNL (Dormant)
  2. OGNL-256

OGNL 3.0.19 (and many previous) do not work with SecurityManager Enabled

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 3.0.13
    • None
    • Core Runtime
    • None

    Description

      When using SecurityManager, we get the following error.

      java.lang.IllegalAccessException: Method [public java.lang.String com.opensymphony.xwork2.ActionSupport.execute() throws java.lang.Exception] cannot be accessed.

      We used profilingSecurityManager to generate our policy file.. (but there could be issues)..

      Do you have a suitable example policy file for ognl that could be used.. we dont want to have to set the OgnlRunTime.securityManger(null) hack.

      Attachments

        Activity

          People

            Unassigned Unassigned
            warlock_za Michael Smith
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: