You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Gary Gaggiani (JIRA)" <ji...@apache.org> on 2007/08/31 23:27:34 UTC
[jira] Created: (WW-2152) Need better example for using the
strtus2-struts1 plugin
Need better example for using the strtus2-struts1 plugin
--------------------------------------------------------
Key: WW-2152
URL: https://issues.apache.org/struts/browse/WW-2152
Project: Struts 2
Issue Type: Improvement
Components: Examples, Integration
Affects Versions: 2.0.9
Environment: Eclipse, Java 1.6, JRUN 4.0.6A, struts 1.2.9 application
Reporter: Gary Gaggiani
We were getting ready to go to UAT with an appliction developed using struts 1.2.9. Because of the reported potential vulnerability of earlier struts, the corporate infrastructure has disallowed them and now only sanctions 2.0.9. Since the deadlines are looming, we do not want to go through the actual conversion yet. We are trying to get the struts1-struts2 plugin to work for two weeks, but have so far been unsuccessful. Using Ted Husted's xml example (the only one there is) gets us tantilizingly close in some respects, but it does not go far enough. We (Citigroup) would be willing to pay for help with this issue, and I suspect that we are not the only ones struggling with this.
Gary Gaggiani, Director IS Travel Payment Services, Citi
gary.j.gaggiani@citi.com
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (WW-2152) Need better example for using the
strtus2-struts1 plugin
Posted by "James Holmes (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2152?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Holmes updated WW-2152:
-----------------------------
Fix Version/s: 2.0.11
> Need better example for using the strtus2-struts1 plugin
> --------------------------------------------------------
>
> Key: WW-2152
> URL: https://issues.apache.org/struts/browse/WW-2152
> Project: Struts 2
> Issue Type: Improvement
> Components: Examples, Integration
> Affects Versions: 2.0.9
> Environment: Eclipse, Java 1.6, JRUN 4.0.6A, struts 1.2.9 application
> Reporter: Gary Gaggiani
> Fix For: 2.0.11
>
>
> We were getting ready to go to UAT with an appliction developed using struts 1.2.9. Because of the reported potential vulnerability of earlier struts, the corporate infrastructure has disallowed them and now only sanctions 2.0.9. Since the deadlines are looming, we do not want to go through the actual conversion yet. We are trying to get the struts1-struts2 plugin to work for two weeks, but have so far been unsuccessful. Using Ted Husted's xml example (the only one there is) gets us tantilizingly close in some respects, but it does not go far enough. We (Citigroup) would be willing to pay for help with this issue, and I suspect that we are not the only ones struggling with this.
> Gary Gaggiani, Director IS Travel Payment Services, Citi
> gary.j.gaggiani@citi.com
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (WW-2152) Need better example for using the
strtus2-struts1 plugin
Posted by "James Holmes (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2152?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Holmes resolved WW-2152.
------------------------------
Resolution: Fixed
Fix Version/s: (was: 2.0.11)
2.0.10
I have updated the Struts 1 plugin documentation at:
http://cwiki.apache.org/confluence/display/WW/Struts+1+Plugin
The section titled "Struts 1 Action with a session-scoped ActionForm" had invalid XML and I fixed that. I also added a warning about the plugin not supporting the use of Struts 1 tag libraries in a Struts 2 application.
> Need better example for using the strtus2-struts1 plugin
> --------------------------------------------------------
>
> Key: WW-2152
> URL: https://issues.apache.org/struts/browse/WW-2152
> Project: Struts 2
> Issue Type: Improvement
> Components: Examples, Integration
> Affects Versions: 2.0.9
> Environment: Eclipse, Java 1.6, JRUN 4.0.6A, struts 1.2.9 application
> Reporter: Gary Gaggiani
> Assignee: James Holmes
> Fix For: 2.0.10
>
>
> We were getting ready to go to UAT with an appliction developed using struts 1.2.9. Because of the reported potential vulnerability of earlier struts, the corporate infrastructure has disallowed them and now only sanctions 2.0.9. Since the deadlines are looming, we do not want to go through the actual conversion yet. We are trying to get the struts1-struts2 plugin to work for two weeks, but have so far been unsuccessful. Using Ted Husted's xml example (the only one there is) gets us tantilizingly close in some respects, but it does not go far enough. We (Citigroup) would be willing to pay for help with this issue, and I suspect that we are not the only ones struggling with this.
> Gary Gaggiani, Director IS Travel Payment Services, Citi
> gary.j.gaggiani@citi.com
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (WW-2152) Need better example for using the
strtus2-struts1 plugin
Posted by "Gary Gaggiani (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2152?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_42146 ]
Gary Gaggiani commented on WW-2152:
-----------------------------------
Thanks for the reply.
The comment on the Apache Struts site
"Apache Struts 2.0.9 includes an important security fix regarding a
remote code exploit. ALL DEVELOPERS ARE STRONGLY ADVISED TO UPDATE TO
STRUTS 2.0.9 IMMEDIATELY!
also appears on our corporate development tool list for the struts
releases. Struts 1.2.x releases are listed as "PROHIBITED" as their
status, while struts 2.0.9 is the only allowed version.
So that I can go back to my corporate infrastructure, please verify that
releases 1.2.7 and 1.2.9 have no known significant security
vulnerabilities.
Thanks,
Gary
> Need better example for using the strtus2-struts1 plugin
> --------------------------------------------------------
>
> Key: WW-2152
> URL: https://issues.apache.org/struts/browse/WW-2152
> Project: Struts 2
> Issue Type: Improvement
> Components: Examples, Integration
> Affects Versions: 2.0.9
> Environment: Eclipse, Java 1.6, JRUN 4.0.6A, struts 1.2.9 application
> Reporter: Gary Gaggiani
> Assignee: James Holmes
> Fix For: 2.0.10
>
>
> We were getting ready to go to UAT with an appliction developed using struts 1.2.9. Because of the reported potential vulnerability of earlier struts, the corporate infrastructure has disallowed them and now only sanctions 2.0.9. Since the deadlines are looming, we do not want to go through the actual conversion yet. We are trying to get the struts1-struts2 plugin to work for two weeks, but have so far been unsuccessful. Using Ted Husted's xml example (the only one there is) gets us tantilizingly close in some respects, but it does not go far enough. We (Citigroup) would be willing to pay for help with this issue, and I suspect that we are not the only ones struggling with this.
> Gary Gaggiani, Director IS Travel Payment Services, Citi
> gary.j.gaggiani@citi.com
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (WW-2152) Need better example for using the
strtus2-struts1 plugin
Posted by "Ted Husted (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2152?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_42145 ]
Ted Husted commented on WW-2152:
--------------------------------
There might be a misunderstanding as to the security alerts.
STRUTS 1.X IS NOT AFFECTED BY SECURITY ALERTS RAISED AGAINST STRUTS 2.X
The versions use entirely different codebases. When we say to immediately upgrade to Struts 2.0.9, we don't mean people must upgrade from Struts 1.2.9. I'll update the home page to clarify.
> Need better example for using the strtus2-struts1 plugin
> --------------------------------------------------------
>
> Key: WW-2152
> URL: https://issues.apache.org/struts/browse/WW-2152
> Project: Struts 2
> Issue Type: Improvement
> Components: Examples, Integration
> Affects Versions: 2.0.9
> Environment: Eclipse, Java 1.6, JRUN 4.0.6A, struts 1.2.9 application
> Reporter: Gary Gaggiani
> Assignee: James Holmes
> Fix For: 2.0.10
>
>
> We were getting ready to go to UAT with an appliction developed using struts 1.2.9. Because of the reported potential vulnerability of earlier struts, the corporate infrastructure has disallowed them and now only sanctions 2.0.9. Since the deadlines are looming, we do not want to go through the actual conversion yet. We are trying to get the struts1-struts2 plugin to work for two weeks, but have so far been unsuccessful. Using Ted Husted's xml example (the only one there is) gets us tantilizingly close in some respects, but it does not go far enough. We (Citigroup) would be willing to pay for help with this issue, and I suspect that we are not the only ones struggling with this.
> Gary Gaggiani, Director IS Travel Payment Services, Citi
> gary.j.gaggiani@citi.com
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (WW-2152) Need better example for using the
strtus2-struts1 plugin
Posted by "James Holmes (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/struts/browse/WW-2152?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Holmes reassigned WW-2152:
--------------------------------
Assignee: James Holmes
> Need better example for using the strtus2-struts1 plugin
> --------------------------------------------------------
>
> Key: WW-2152
> URL: https://issues.apache.org/struts/browse/WW-2152
> Project: Struts 2
> Issue Type: Improvement
> Components: Examples, Integration
> Affects Versions: 2.0.9
> Environment: Eclipse, Java 1.6, JRUN 4.0.6A, struts 1.2.9 application
> Reporter: Gary Gaggiani
> Assignee: James Holmes
> Fix For: 2.0.11
>
>
> We were getting ready to go to UAT with an appliction developed using struts 1.2.9. Because of the reported potential vulnerability of earlier struts, the corporate infrastructure has disallowed them and now only sanctions 2.0.9. Since the deadlines are looming, we do not want to go through the actual conversion yet. We are trying to get the struts1-struts2 plugin to work for two weeks, but have so far been unsuccessful. Using Ted Husted's xml example (the only one there is) gets us tantilizingly close in some respects, but it does not go far enough. We (Citigroup) would be willing to pay for help with this issue, and I suspect that we are not the only ones struggling with this.
> Gary Gaggiani, Director IS Travel Payment Services, Citi
> gary.j.gaggiani@citi.com
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.