Win a copy of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds this week in the Cloud/Virtualization forum!

Joe Ess

+ Follow
since Oct 29, 2001
Joe likes ...
Linux Mac OS X Windows
Forum Moderator
Joe Ess currently moderates these forums:
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Rancher Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Joe Ess

What are you trying to do with this bean?  If you just need to display a drop-down list on a form, you should be able to do that with the select tag.
3 days ago
Struts 1.x is past end of life and is unsupported.  If it is at all possible, upgrade to the latest version of Struts 2 or another framework.
If you want to persist a collection to a JSP and recover it later, you have to use indexed properties.  If you aren't displaying the properties on the page, it may be easier to put the value in the session.
1 week ago
By CSP, do you mean Content Security Policy?  I have used Tomcat's httpHeaderSecurity to add protection against malicious requests. 
You should be aware that Struts 1.2.7 has known vulnerabilities to cross site scripting (among other known attacks) and I don't know that a filter at the server layer would protect against that.
If you are concerned about security (including XSS), the solution is to upgrade Struts or move to another framework.
1 week ago
I agree with Tim.
That said, I'm not aware of any BaseDispatchAction class in Struts 1.  There is a DispatchAction, which is an abstract class intended to be extended by the developer and used to create a class with several related execute methods (For example, all the CRUD methods for a particular piece of data).
2 weeks ago
Does the popup window have an address bar?  If not, turn it on and see what the URL is.
Look at the source code of the page in the browser.  The generated "a" tag is probably different from the html:link tag.
2 weeks ago
I'm thinking the action attribute was added in a later version. I'm looking at the Struts 1.3 documentation and it does have the action attribute.
You could try upgrading Struts to a later version but that may have other side effects.
Another option is to use Java code in a scriptlet to construct your link, but that is considered "bad practice"
2 weeks ago
Struts 1 is past end of life and is not supported. 
That said, the error JSPG0218E is usually caused when a custom JSP tag references a property that the corresponding tag class does not have a setter for.  Looking at the documentation for LinkTag, it does, in fact, have an "action" property. 
What version of Struts 1 are you using?
2 weeks ago
I think I've gotten to the bottom of this.  It turns out that secure cookies are not sent to the server with an HTTP request see here and here
I tried the demo with HTTPS and it works fine with secure cookies. 
I had tried experimenting with the various security options available in Tomcat last month, so I figured something was configured wrong.  I installed Tomcat fresh and the demo app works fine with full constraints. 
I went back to my security notes and the first step is to change session-config setting in the $TOMCAT_HOME/conf/web.xml  file to the following:

With the cookie-config set up this way, the app does not work.  I commented out the "secure" tag and the app works fine.  ¯\_(ツ)_/¯
Since this application is an internal network app, I can safely leave these options out. 

I have an application deployed on Tomcat 9.0.8 that displays several pages with select fields that contain a large number of items.  To expedite displaying these pages, I load the select boxes via an AJAX call.  In my latest build, the AJAX call is not working.  It appears that the logged-in user's session is not being carried over in the AJAX call.  If I debug the script, the result of the call doesn't contain the expected XML, it contains the login page.  If I exempt the XML source from the security constraints, the XML loads as expected.  Am I missing something on how AJAX and authentication are supposed to work?
I tried to simplify the code as much as possible:


The security section of web.xml:

Note that if the data web resource is commented out, the data loads fine.  If it is uncommented, the data does not load.
Note that for testing purposes, I'm using the built-in Tomcat user database.  You should have an entry for the role and a user in $TOMCAT_HOME/conf/tomcat-users.xml like the following:

The Struts textfield field is connected to the Struts framework.  If you had a textfield declared as such:

Struts will expect the Action that preceded the JSP page to have a field with the same name (and a method "getFirstName").  That way, the Action can retrieve values to set on the JSP should you be editing a known value.  Struts also adds some functionality to form tags.  For example, by default it wraps a field in table tags, which is useful in typical use cases.
See the Tag Syntax  and the Tag Developer's Guide for more information.
You can use regular HTML tags with Struts but I believe you have to jump through some hoops to get the framework to recognize the field when it is submitted.
3 weeks ago
Thanks for confirming my suspicions, Tim.
3 weeks ago
I am updating an application to the newest version of Struts.  I deploy the application to Tomat 9.0.8 by copying the WAR file into the $TOMCAT_HOME/webapps directory.  When the application redeploys, Tomcat displays an error:

The weird thing is, the 1-physician directory is the temp directory for the old version of the application. If I look in that directory, most of the application files have been deleted except web/WEB-INF/lib, which contains all the dependency JAR files except for that one.  There will be a new temp directory, in this case, 3-physician, created for the new deployment with all the application files.
After this, the application throws a bunch of exceptions if I try to access pages:

I have to restart Tomcat to get the application to run again.  Deploying the application in this way was never an issue before.  Any ideas as to why now?
4 weeks ago
Better than some things I imagine...
4 weeks ago

Henry Wong wrote:

Joe Ess wrote:Still trying to justify your hobby to us, Henry?  

Hee hee... 

My boys and I made a second pass at playing it about a year ago.  It was fun for a little bit, but then I came to the conclusion that I really don't like the grind of keeping my phone on everywhere we walk and having to defeat the same gyms (often the same people's pokemon's) and spin flippin pokestops every day.  
But you do you!
1 month ago