I have an application which is using Struts 220.127.116.11.The application is flagged as vulnerable due to the old version of struts.I am facing issues while upgrading the struts to version 18.104.22.168(this is the latest allowed version in our organization). After a lot of research on google i understood that the Dojo classes are deprecated in the new struts version. However our project uses a lot of dojo tags. I am aware of the alternative plugins such as Struts Jquery. But use of alternative plugins will involve a lot of code change and testing which is not feasible in the current time frame we have got. Is there some way out to use the dojo tags with the struts to version 22.214.171.124?. Can we somehow incorporate the struts2-dojo-plugin with the Struts version 126.96.36.199?.
i tried it myself but am getting stuck(details mentioned below)
What i tried:
1) I replaced the Struts core jar with struts2-core-188.8.131.52 jar.
2) Updated all the dependency jars as mentioned in the Maven repository.
3) Added struts2-dojo-plugin-184.108.40.206
4) Included in JSP-s
<%@ taglib prefix="sx" uri="/struts-dojo-tags"%>
The issue i am facing:
When i hit the JSP below is the error i get. Any help is highly appreciated.Let me know if you need any more details or information from my side.
Please let us know if you post the same question elsewhere. We don't want do duplicate effort if the other forum has already solved the issue.
Naveen Naik wrote: i understood that the Dojo classes are deprecated in the new struts version.
The Dojo plugin has been deprecated since version 2.1 (around January, 2009).
I see you posted on the other site that you were using JAR files from different versions of Struts at one time. Have a look at this FAQ entry for advice on how to manage dependencies (though if you're using Maven, that should be taken care of for you) Can you detail all the JAR files you are using?
Thanks for your reply. yes i have posted the question on the other forum as well.Apologies if this is not expected. i have very less time frame and i didn't know that both the forums have same volunteers answering the questions.
However i have still not got the answer to my question i.e is there a way or a workaround to use Dojo tags with struts version 220.127.116.11?
Also as requested below is the list of jars present in my webinf /lib.
Naveen Naik wrote: i have posted the question on the other forum as well.Apologies if this is not expected. i have very less time frame and i didn't know that both the forums have same volunteers answering the questions.
No worries. We just don't want to duplicate effort.
I looked at the dependencies and I don't see any obvious conflicts. It looks like you are missing the log4j-api and log4j-core libraries, but I don't think that would cause the issue you are seeing. The classes in the servlet-api JAR are probably provided by your server at runtime so you probably don't need to package that (you may need it to compile).
Poking around the Struts issue tracker, it looks like Dojo may be broken in IE 11. You may want to experiment with different browsers.
Unfortunately, I don't have any experience with Dojo. We have always used JQuery. If I were in your position, I would start with a fresh Struts projects and create some simple demos of Dojo functionality to verify that it works at all. Once verifying that, I would build it up to duplicate the parts of the application you are having a problem with. If the Dojo plugin still works, you should be able to isolate the issue you posted above and resolve or work around it. If the Dojo plugin does not work, you can ask your management to weigh the cost of a having a vulnerable application with the cost of changing it out with JQuery (or whatever other technology you choose).
One other factor to consider is the fact that the Dojo plugin is no longer distributed with Struts, going forward with version 2.5. If your organization plans to keep current with security updates, they will eventually have to migrate from Dojo.
var freeFormWidget=dojo.widget.byId("viewMsgTab"); and