You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Michael Smith (JIRA)" <ji...@apache.org> on 2016/10/10 12:11:20 UTC

[jira] [Created] (OGNL-256) OGNL 3.0.19 (and many previous) do not work with SecurityManager Enabled

Michael Smith created OGNL-256:
----------------------------------

             Summary: OGNL 3.0.19 (and many previous) do not work with SecurityManager Enabled
                 Key: OGNL-256
                 URL: https://issues.apache.org/jira/browse/OGNL-256
             Project: Commons OGNL
          Issue Type: Bug
          Components: Core Runtime
    Affects Versions: 3.0.13
            Reporter: Michael Smith


When using SecurityManager, we get the following error.

java.lang.IllegalAccessException: Method [public java.lang.String com.opensymphony.xwork2.ActionSupport.execute() throws java.lang.Exception] cannot be accessed.

We used profilingSecurityManager to generate our policy file.. (but there could be issues)..

Do you have a suitable example policy file for ognl that could be used.. we dont want to have to set the OgnlRunTime.securityManger(null) hack.





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)