velocity-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robin Mannering" <robin_mannerin...@hotmail.com>
Subject Re: Velocity Config/Security Issue
Date Wed, 11 Oct 2006 22:17:20 GMT
Sorry, some more logging that might make it clearer.

My local machine uses request objects:
org.apache.coyote.tomcat5.CoyoteRequestFacade@1fd25ce
and
org.apache.catalina.core.ApplicationHttpRequest@1e389b8

Whereas the hosted server with the problem uses:
org.apache.catalina.connector.RequestFacade@121d818
and
org.apache.catalina.core.ApplicationHttpRequest@76f954



Log 1 - From action class running on hosted server
--------------------------------------------------
11-Oct 17:52:49.647 |DEBUG|                TestAction.executeLogic           
    | request = 'org.apache.catalina.connector.RequestFacade@121d818'
11-Oct 17:52:49.648 |DEBUG|                TestAction.executeLogic           
    | request.getContextPath() = ''
11-Oct 17:52:49.648 |DEBUG|                TestAction.executeLogic           
    | request.getMethod() = 'GET'
11-Oct 17:52:49.649 |DEBUG|                TestAction.executeLogic           
    | request.getSession().getId() = '28536F4542A222DC6F0E6DE23442DC6D'
11-Oct 17:52:49.650 |DEBUG|                TestAction.executeLogic           
    | request.getRequestURI() = '/test.htm'
11-Oct 17:52:49.650 |DEBUG|                TestAction.executeLogic           
    | request.getRequestURL() = 'http://www.chaletexplorer.com/test.htm'
11-Oct 17:52:49.651 |DEBUG|                TestAction.executeLogic           
    | request.getServletPath() = '/test.htm'


Log 2 - From VM Template/page running on hosted server
------------------------------------------------------
request = 'org.apache.catalina.core.ApplicationHttpRequest@76f954'
request.contextPath = '/'
request.method = 'GET'
request.session.id = '$request.session.id'
request.requestURI = '//test.vm'
request.requestURL = 'http://www.chaletexplorer.com//test.vm'
request.servletPath = '/test.vm'


Log 3 - From action class (running on my local machine)
-------------------------------------------------------

12-Oct 00:10:17.516 |DEBUG|                TestAction.executeLogic           
    | request = 'org.apache.coyote.tomcat5.CoyoteRequestFacade@1fd25ce'
12-Oct 00:10:17.516 |DEBUG|                TestAction.executeLogic           
    | request.getContextPath() = '/indy'
12-Oct 00:10:17.516 |DEBUG|                TestAction.executeLogic           
    | request.getMethod() = 'GET'
12-Oct 00:10:17.516 |DEBUG|                TestAction.executeLogic           
    | request.getSession().getId() = '79E50B9B3F25A2897BF420521952D51F'
12-Oct 00:10:17.516 |DEBUG|                TestAction.executeLogic           
    | request.getRequestURI() = '/indy/test.htm'
12-Oct 00:10:17.532 |DEBUG|                TestAction.executeLogic           
    | request.getRequestURL() = 'http://localhost:8080/indy/test.htm'
12-Oct 00:10:17.532 |DEBUG|                TestAction.executeLogic           
    | request.getServletPath() = '/test.htm'


Log 4 - From VM Template/page (running on my local machine)
-----------------------------------------------------------
request = 'org.apache.catalina.core.ApplicationHttpRequest@1e389b8'
request.contextPath = '/indy'
request.method = 'GET'
request.session.id = '79E50B9B3F25A2897BF420521952D51F'
request.requestURI = '/indy/test.vm'
request.requestURL = 'http://localhost:8080/indy/test.htm'
request.servletPath = '/test.vm'



--------------------------------------------------


>From: "Robin Mannering" <robin_mannering75@hotmail.com>
>Reply-To: "Velocity Users List" <velocity-user@jakarta.apache.org>
>To: velocity-user@jakarta.apache.org
>Subject: Re: Velocity Config/Security Issue
>Date: Wed, 11 Oct 2006 22:08:29 +0000
>
>Hi all,
>
>Can anyone shed some light? I have some more facts now....
>
>The original problem was Velocity required permission on a core package 
>within catalina. Is this because it couldn't find the 'correct' request 
>object.
>
>Here are some logs, the first is from a Struts action class,  the second is 
>output from the velocity template forwarded to immediately after the action 
>class.  They refer to different request objects that ultimately give 
>different values. Should the velocity template not also refer to 
>org.apache.catalina.connector.RequestFacade@121d818 ??
>
>Any help/clues would be greatly appreciated.
>
>Log 1 - From action class
>----------------------------------
>11-Oct 17:52:49.647 |DEBUG|                TestAction.executeLogic          
>     | request = 'org.apache.catalina.connector.RequestFacade@121d818'
>11-Oct 17:52:49.648 |DEBUG|                TestAction.executeLogic          
>     | request.getContextPath() = ''
>11-Oct 17:52:49.648 |DEBUG|                TestAction.executeLogic          
>     | request.getMethod() = 'GET'
>11-Oct 17:52:49.649 |DEBUG|                TestAction.executeLogic          
>     | request.getSession().getId() = '28536F4542A222DC6F0E6DE23442DC6D'
>11-Oct 17:52:49.650 |DEBUG|                TestAction.executeLogic          
>     | request.getRequestURI() = '/test.htm'
>11-Oct 17:52:49.650 |DEBUG|                TestAction.executeLogic          
>     | request.getRequestURL() = 'http://www.chaletexplorer.com/test.htm'
>11-Oct 17:52:49.651 |DEBUG|                TestAction.executeLogic          
>     | request.getServletPath() = '/test.htm'
>
>Log 2 - From VM Template/page
>-----------------------------
>request = 'org.apache.catalina.core.ApplicationHttpRequest@76f954'
>
>request.contextPath = '/'
>
>request.method = 'GET'
>
>request.session.id = '$request.session.id'
>
>request.requestURI = '//test.vm'
>
>request.requestURL = 'http://www.chaletexplorer.com//test.vm'
>
>request.servletPath = '/test.vm'
>
>
>
>
>
>
>
>>From: "Will Glass-Husain" <wglass@forio.com>
>>Reply-To: "Velocity Users List" <velocity-user@jakarta.apache.org>
>>To: "Velocity Users List" <velocity-user@jakarta.apache.org>
>>Subject: Re: Velocity Config/Security Issue
>>Date: Wed, 11 Oct 2006 06:25:35 -0700
>>
>>I don't think it's Velocity which requires that permission, I'm
>>guessing it's the request object which is ultimately provided by
>>Tomcat...
>>
>>WILL
>>
>>On 10/11/06, Robin Mannering <robin_mannering75@hotmail.com> wrote:
>>>Hi Will,
>>>
>>>Thanks for the links, I'll give them a thorough read.
>>>
>>>I've been working with the hosting company who set up the server config 
>>>and
>>>they have give the application permission to org.apache.catalina.core
>>>although they are troubled to do so.
>>>
>>>They seem very surprised that velocity requires this permission.
>>>
>>>Since they granted the permission, the problem has cleared up and
>>>$request.contextPath now has a value within a velocity template (although
>>>this has changed from an empty value to '/' so I need to make source
>>>amendments.  Not a problem, just worrying it takes on a new value in a
>>>different hosting environment.
>>>
>>>Thanks again for your help
>>>Robin
>>>
>>>
>>> >From: "Will Glass-Husain" <wglass@forio.com>
>>> >Reply-To: "Velocity Users List" <velocity-user@jakarta.apache.org>
>>> >To: "Velocity Users List" <velocity-user@jakarta.apache.org>
>>> >Subject: Re: Velocity Config/Security Issue
>>> >Date: Tue, 10 Oct 2006 15:04:32 -0700
>>> >
>>> >What app server are you using?  This is a server configuration issue.
>>> >If someone else set it up, you might also want to work with them.
>>> >
>>> >If you're using Tomcat, check out:
>>> >http://tomcat.apache.org/tomcat-5.5-doc/security-manager-howto.html
>>> >
>>> >And you should read the Sun docs at:
>>> >http://java.sun.com/j2se/1.5.0/docs/guide/security/permissions.html
>>> >
>>> >WILL
>>> >
>>> >On 10/10/06, Robin Mannering <robin_mannering75@hotmail.com> wrote:
>>> >>Hi Will,
>>> >>
>>> >>thanks for your help. Sorry. I'm new to permissions, could you explain

>>>a
>>> >>little more for me please.
>>> >>
>>> >>Thanks
>>> >>Robin
>>> >>
>>> >>
>>> >> >From: "Will Glass-Husain" <wglass@forio.com>
>>> >> >Reply-To: "Velocity Users List" <velocity-user@jakarta.apache.org>
>>> >> >To: "Velocity Users List" <velocity-user@jakarta.apache.org>
>>> >> >Subject: Re: Velocity Config/Security Issue
>>> >> >Date: Tue, 10 Oct 2006 08:24:57 -0700
>>> >> >
>>> >> >Looks like the security policy on your app server needs to be tuned.
>>> >> >Have you tried giving the permission java.lang.RuntimePermission
for
>>> >> >accessClassInPackage.org.apache.catalina.core?
>>> >> >
>>> >> >WILL
>>> >> >
>>> >> >On 10/10/06, Robin Mannering <robin_mannering75@hotmail.com>
wrote:
>>> >> >>Hi all,
>>> >> >>
>>> >> >>I'm new back on this list in a while, please excuse if the 
>>>following
>>> >> >>problem
>>> >> >>is obvious/has been posted before.
>>> >> >>
>>> >> >>I am transferring an existing site based on Struts/Velocity
to a 
>>>new
>>> >>web
>>> >> >>hosting provider.  The application runs smoothly on its current

>>>host.
>>> >> >>
>>> >> >>However, there seems to be one last stumbling block with the
new 
>>>server
>>> >>in
>>> >> >>that the Struts object; 'request' appears not to be in scope
within
>>> >> >>velocity
>>> >> >>pages (there may be others not in scope).
>>> >> >>
>>> >> >>I'm using the VelocityLayoutServlet if that helps.
>>> >> >>
>>> >> >>I've attached a snippet of the log file that points to the problem

>>>I
>>> >> >>mentioned, notable the 'java.security.AccessControlException'
and
>>> >> >>'$request.contextPath is not a valid reference'
>>> >> >>
>>> >> >>All other velocity directives appear to be functioning as normal.
>>> >> >>
>>> >> >>Has anyone seen this behaviour before? Any help would be greatly
>>> >> >>appreciated.
>>> >> >>
>>> >> >>Kind regards
>>> >> >>Robin
>>> >> >>
>>> >> >>10-Oct 02:45:21.752 |INFO |                       [/].log
>>> >> >>     |  Velocity   [info] ResourceManager : found
>>> >>/pages/frontend/home.vm
>>> >> >>with loader org.apache.velocity.tools.view.servlet.WebappLoader
>>> >> >>10-Oct 02:45:21.761 |INFO |                       [/].log
>>> >> >>     |  Velocity  [error] PROGRAMMER ERROR : PropertyExector()
:
>>> >> >>java.security.AccessControlException: access denied
>>> >> >>(java.lang.RuntimePermission
>>> >> >>accessClassInPackage.org.apache.catalina.core)
>>> >> >>10-Oct 02:45:21.763 |INFO |                       [/].log
>>> >> >>     |  Velocity  [error] ASTIdentifier.execute() : identifier
=
>>> >> >>contextPath
>>> >> >>: java.security.AccessControlException: access denied
>>> >> >>(java.lang.RuntimePermission
>>> >> >>accessClassInPackage.org.apache.catalina.core)
>>> >> >>10-Oct 02:45:21.764 |INFO |                       [/].log
>>> >> >>     |  Velocity  [error] RHS of #set statement is null. Context

>>>will
>>> >>not
>>> >> >>be
>>> >> >>modified. /pages/frontend/home.vm [line 9, column 1]
>>> >> >>10-Oct 02:45:21.772 |INFO |                       [/].log
>>> >> >>     |  Velocity  [error] PROGRAMMER ERROR : PropertyExector()
:
>>> >> >>java.security.AccessControlException: access denied
>>> >> >>(java.lang.RuntimePermission
>>> >> >>accessClassInPackage.org.apache.catalina.core)
>>> >> >>10-Oct 02:45:21.773 |INFO |                       [/].log
>>> >> >>     |  Velocity  [error] ASTIdentifier.execute() : identifier
=
>>> >> >>contextPath
>>> >> >>: java.security.AccessControlException: access denied
>>> >> >>(java.lang.RuntimePermission
>>> >> >>accessClassInPackage.org.apache.catalina.core)
>>> >> >>10-Oct 02:45:21.774 |INFO |                       [/].log
>>> >> >>     |  Velocity   [warn]
>>> >> >>org.apache.velocity.runtime.exception.ReferenceException: reference

>>>:
>>> >> >>template = /pages/frontend/home.vm [line 32,column 34] :
>>> >> >>$request.contextPath is not a valid reference.
>>> >> >>
>>> >> >>_________________________________________________________________
>>> >> >>Windows Live™ Messenger has arrived. Click here to download
it for
>>> >>free!
>>> >> >>http://imagine-msn.com/messenger/launch80/?locale=en-gb
>>> >> >>
>>> >> >>
>>> >> 
>>> >>---------------------------------------------------------------------
>>> >> >>To unsubscribe, e-mail: 
>>>velocity-user-unsubscribe@jakarta.apache.org
>>> >> >>For additional commands, e-mail: 
>>>velocity-user-help@jakarta.apache.org
>>> >> >>
>>> >> >>
>>> >> >
>>> >> >
>>> >> >--
>>> >> >Forio Business Simulations
>>> >> >
>>> >> >Will Glass-Husain
>>> >> >wglass@forio.com
>>> >> >www.forio.com
>>> >> >
>>> >> 
>>> >---------------------------------------------------------------------
>>> >> >To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
>>> >> >For additional commands, e-mail: 
>>>velocity-user-help@jakarta.apache.org
>>> >> >
>>> >>
>>> >>_________________________________________________________________
>>> >>Be the first to hear what's new at MSN - sign up to our free 
>>>newsletters!
>>> >>http://www.msn.co.uk/newsletters
>>> >>
>>> >>
>>> >>---------------------------------------------------------------------
>>> >>To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
>>> >>For additional commands, e-mail: velocity-user-help@jakarta.apache.org
>>> >>
>>> >>
>>> >
>>> >
>>> >--
>>> >Forio Business Simulations
>>> >
>>> >Will Glass-Husain
>>> >wglass@forio.com
>>> >www.forio.com
>>> >
>>> >---------------------------------------------------------------------
>>> >To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
>>> >For additional commands, e-mail: velocity-user-help@jakarta.apache.org
>>> >
>>>
>>>_________________________________________________________________
>>>Download the new Windows Live Toolbar, including Desktop search!
>>>http://toolbar.live.com/?mkt=en-gb
>>>
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
>>>For additional commands, e-mail: velocity-user-help@jakarta.apache.org
>>>
>>>
>>
>>
>>--
>>Forio Business Simulations
>>
>>Will Glass-Husain
>>wglass@forio.com
>>www.forio.com
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: velocity-user-help@jakarta.apache.org
>>
>
>_________________________________________________________________
>Windows Live™ Messenger has arrived. Click here to download it for free! 
>http://imagine-msn.com/messenger/launch80/?locale=en-gb
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: velocity-user-help@jakarta.apache.org
>

_________________________________________________________________
Be the first to hear what's new at MSN - sign up to our free newsletters! 
http://www.msn.co.uk/newsletters


---------------------------------------------------------------------
To unsubscribe, e-mail: velocity-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: velocity-user-help@jakarta.apache.org


Mime
View raw message