My project was using older versions of Struts2 (2.0.x)
Now we are planning to upgrade Struts2 version which has some improvements and bug fixes.
I updated the pom.xml as per that. However I found out that in my old strtus2-core lib, there's
org.apache.struts2.views.util.TextUtil
But in latest version it's not there and I am facing compilation errors.
Any idea why it's missing or how do i get it?
Indeed org.apache.struts2.views.util.TextUtil was removed from Struts 2 after 2.1.6. You have a few options.
First, as Jaiwo99 indicated, Struts 2 is licensed under the Apache License v2, so you can just take a copy of the source for TextUtil from Struts 2.1.6 and put it in your application. The class has no dependencies on other code, so it should work fine.
Second, you could look at using StringEscapeUtils from Apache Commons Lang 3, which is now used by Struts2 for escaping HTML and JavaScript. Specifically, look at StringEscapeUtils.escapeHtml4() method.
Could it be this one?
com.opensymphony.xwork2.util.TextParserUtil
Related
I have a Maven jersey-quickstart-webapp Project I am developing in Eclipse. The project is a JERSEY REST backend with angularjs javascript frontend.
I would like to know how to check what version of EclipseLink my project is using.
Where can I find this property? I've searched high and low but I can't find it - I know that I did stumble across it before, so it definitely exists....
This question is trying to get to the bottom of the following question I posed months ago about a problem with eclipselink and Jersey REST, that still hasn't been fixed: Class not found when using JAX-RS with Eclipse and Glassfish
This should be fixed with jersey 2.22.1 and eclipselink 2.6.1, but I think somewhere in my setup, eclipselink 2.6.0 is still hanging around and screwing the whole thing up. Highly frustrating!
I know that eclipselink is being used in this project, because the following code returns 2.6.1 when the project is running. However, previously I saw that even though this was saying 2.6.1, that the eclipselink configuration somewhere(I can't remember where - doh!) was still saying version 2.6.0.
//This helps us tell what version of eclipse link we are using
Class<?> myClass = Class.forName("org.eclipse.persistence.Version");
Method myMethod = myClass.getMethod("getVersion");
String version = myMethod.invoke(null).toString();
System.out.println("version = " + version);
Here is what the Maven dependency hierarchy looks like - as you can see it has no eclipselink stuff in there:
All help highly appreciated...
The eclipselink you're running is provided by the Glassfish server. Look in the glassfish/modules directory and find the org.eclipse.persistence.core.jar file. Inside it will be a readme.html. Open that and the version of eclipselink that is installed in Glassfish will be there.
Mine says, for glassfish 4 (somewhat old) is:
<B>EclipseLink 2.5 Read Me</B>
Duplicated! Refer this
There is a static class and static method to get this information.
Example: How to print in java code
AbstractSessionLog.getLog().log(SessionLog.INFO, DatabaseLogin.getVersion());
I've updated tiles version from 2.2.2 to 3.0.1 and i currently have a workaround to show portlet content based on solution described in http://forum.springsource.org/showthread.php?98961-Webflow-with-JSP-Tiles-Portlet-has-no-content/page2. Applying:
ServletUtil.setForceInclude(request, true);
resolved the JSP blank problem in this case. Is there any kind of similar solution for tiles3? In tiles3 i am facing the same situation and i can't find the ServletUtil class or any alternative to help me solve this problem.
With Tiles3, you can do request.setAttribute(AbstractRequest.FORCE_INCLUDE_ATTRIBUTE_NAME, true)
A new TilesViewResolver#alwaysInclude property will be available in Spring Framework 4.1.2 to set this easily, more details available in the comment of this related JIRA issue at https://jira.spring.io/browse/SPR-12374.
We have projects using Struts 2.0 and 2.1.
We're using web-hosting with Tomcat and both projects are working fine on remote servers. Recently, we got warning message from the webhosting provider, like:
This notice is inform you that recently numerous vulnerabilities have been discovered related to Struts and Struts2 frameworks and other frameworks which use OGNL classes.
Since your application is using Struts or Struts2 framework, we HIGHLY recommend that you URGENTLY update it to the most recent version: Struts v2.3.16.1
After research, we found there're consistent upgrades:
http://struts.apache.org/announce.html
Therefore, we tried to upgrade our Struts2 to 2.3.16.3 (latest version at present). However, we found it's not a trivial task to upgrade Struts2, since everything doesn't work, including AJAX tags, AJX form submit, auto-complete, etc. In this sense, Struts 2 is not well designed for scalability.
One example is that whenever we submit our AJAX form, the result will be in a new page instead of in the targets field defined in the sx:submit or sj:submit tag. We don't want to re-write all the codes just because of the upgrade.
We want to know if we don't upgrade Struts2 to the latest version, what kind of vulnerabilities our web application will face. Could anyone give us more details or any hint for solutions based on our situation? Thanks so much.
You are probably looking for Security Bulletins. Each documents describe the summary, problem, and solution to resolve the problem. At the end of each document you can find hotfixes if they are available.
One example is that whenever we submit our ajax form, the result will
be in a new page instead of in the targets field defined in the
sx:submit or sj:submit tag.
It seems you are using struts2 and struts 2 jquery plugin, so try to update to struts 2 jquery 3.7.0 too.
I recommend to accept some reworks and upgrade as some security issues are high.
There are some key parts which has changed and may need to be considered during upgrade like acceptableParameterName. Also review your param interceptor stack and list of exclude parameters.
I moved a JSF application from Galssfish 3.1.2 to Glassfish 4.0 and I thought the new server release was completely back compatible.
I found out it is not.
I used an outdated library, Primefaces 2.X, and some components stopped working properly, at least <p:tabview>. Common sense suggests to pass to a newer library such as Primafaces 3.5, but that way I have to modify my xhtml pages. Cannot find a compatibility matrix anywhere, nor a migration tutorial. Can you help ?
There is at least another weird problem outside those related to the Primefaces library.
I have a quite complex page and till now I couldn't isolate the problem to a simpler scenario.
In this page I have an <ui:repeat> tag and then a form with a button.
The button is configured to send Ajax request and update (render) only a single ui component.
At the 3rd Ajax request it stops working and I get an error saying there is a duplicate ID corresponding to the <ui:repeat> tag.
Any idea ?
Is there a migration guide from Glassfish 3.1.2 to Glassfish 4.0 which gives hints on what has changed and how to modify existing applications ?
Update
I found the following post which deals about the last problem I'm talkin about
Component ID xxx has already been found in the view.
Unfortunately I cannot understand how to solve it despite it has an accepted answer !
This is one of the many bugs that were released with GF4.
I would suggest either waiting for the next release of GF (if you need a released version) or update GF to the latest JSF release (Currently 2.2.8 I think).
JSF implementation jars
JEE7 APIs
JSF current and older bugs
I'm using a Content Repository (Adobe CQ5) that has Apache Sling underneath. I'd like to render web pages using FreeMarker instead of JSP.
For that to work should I upload the OSGi Freemarker extension to Sling, which is to be found in the contribution part of Sling source code, or should I upload an OSGi version of Freemarker instead? Both jars implement the interface javax.script.ScriptEngineFactory so I don't know which one to use, or to upload both.
I managed to get Freemarker working on CQ5.3 by doing the following:
get the source from svn checkout http://svn.apache.org/repos/asf/sling/trunk sling
go to the contrib/scripting/freemarker and remove all the logging and slf4j references from FreemarkerScriptEngine.java - it throws a 500 error due to NoClassDefFoundException - I think there is a conflict between CQ5 and a version of slf4j included in Freemarker (I didn't dig to find out what was wrong)
build it and install, it should appear in the Sling console under bundles and in the 'script engines' page, and let you use .ftl scripts now.
I did it slightly differently by creating the bundle inside CQ5, importing the code and adding a stock freemarker.jar into the bundle but this should work too as it's basically the same thing.
The problem I had was that the script engine does get listed but the logging prevents it from running, that's why you need to remove the log & slf4j from the engine.
I don't know about the OSGi version of Freemarker; we created our own bundling of Freemarker specially for Sling. If you have success using the OSGi version of Freemarker let us know ;-)
Testing is easy: Just install the bundle through the Web Console and check for the supported Script Engines in the Web Console Configuration Status. If you see the Freemarker Engine listed there, it should work.