You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@struts.apache.org by "Musachy Barroso (JIRA)" <ji...@apache.org> on 2008/12/09 18:13:37 UTC

[jira] Commented: (WW-2857) SecurityException accessing theme.properites

    [ https://issues.apache.org/struts/browse/WW-2857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=45200#action_45200 ] 

Musachy Barroso commented on WW-2857:
-------------------------------------

Why would we want to catch the exception in this case? If the props are pointing to a location, which is forbidden, the exception is valid, as there is a configuration problem.

> SecurityException accessing theme.properites
> --------------------------------------------
>
>                 Key: WW-2857
>                 URL: https://issues.apache.org/struts/browse/WW-2857
>             Project: Struts 2
>          Issue Type: Bug
>            Reporter: Eddy Chan
>             Fix For: 2.1.3
>
>
> With WW-1368 (https://issues.apache.org/struts/browse/WW-1368), a bug is introduced when security is enabled as the file system path for the theme.properties file may not be within the webapp and thus, requires a FilePermission to access the invalid path.  Therefore, there needs to be a catch for a SecurityException.  The method of the call is in org.apache.struts2.components.template.BaseTemplateEngine.getThemeProps(Template) and the call is propFile.exists().

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.