You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Musachy Barroso (JIRA)" <ji...@apache.org> on 2008/12/09 18:13:37 UTC
[jira] Commented: (WW-2857) SecurityException accessing
theme.properites
[ https://issues.apache.org/struts/browse/WW-2857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=45200#action_45200 ]
Musachy Barroso commented on WW-2857:
-------------------------------------
Why would we want to catch the exception in this case? If the props are pointing to a location, which is forbidden, the exception is valid, as there is a configuration problem.
> SecurityException accessing theme.properites
> --------------------------------------------
>
> Key: WW-2857
> URL: https://issues.apache.org/struts/browse/WW-2857
> Project: Struts 2
> Issue Type: Bug
> Reporter: Eddy Chan
> Fix For: 2.1.3
>
>
> With WW-1368 (https://issues.apache.org/struts/browse/WW-1368), a bug is introduced when security is enabled as the file system path for the theme.properties file may not be within the webapp and thus, requires a FilePermission to access the invalid path. Therefore, there needs to be a catch for a SecurityException. The method of the call is in org.apache.struts2.components.template.BaseTemplateEngine.getThemeProps(Template) and the call is propFile.exists().
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.