GAE/J(Google App Engine for Java)는 매우 높은 보안 환경을 제공하고 있어서 struts2를 사용할 때 OgnlRuntime security manager를 변경해줘야 한다.
아래는 보안관리자때문에 속성을 설정하려고 할때 메소드에 접근할 수 없다는 예외가 발생한 결과를 보여주고 있다.
이것을 해결하기 위해서는 security manager를 null로 설정한 listener를 추가해줘야한다.
그런다음 web.xml에 아래와 같이 추가한다.
참고 :
http://programmingpanda.blogspot.com/2009/07/struts-2-ongl-issue-on-google-app.html
아래는 보안관리자때문에 속성을 설정하려고 할때 메소드에 접근할 수 없다는 예외가 발생한 결과를 보여주고 있다.
ognl.MethodFailedException: Method "setNameCardId" failed for object kr.nextree.ncbcrm.action.NameCardController@14e40da [java.lang.IllegalAccessException: Method [public void kr.nextree.ncbcrm.action.NameCardController.setNameCardId(long)]
cannot be accessed.]
at ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:823)
at ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:823)
at ognl.OgnlRuntime.setMethodValue(OgnlRuntime.java:964)
at ognl.ObjectPropertyAccessor.setPossibleProperty(ObjectPropertyAccessor.java:75)
at ognl.ObjectPropertyAccessor.setProperty(ObjectPropertyAccessor.java:131)
at com.opensymphony.xwork2.ognl.accessor.ObjectAccessor.setProperty(ObjectAccessor.java:28)
at ognl.OgnlRuntime.setProperty(OgnlRuntime.java:1656)
at com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor.setProperty(CompoundRootAccessor.java:50)
at ognl.OgnlRuntime.setProperty(OgnlRuntime.java:1656)
at ognl.ASTProperty.setValueBody(ASTProperty.java:101)
at ognl.SimpleNode.evaluateSetValueBody(SimpleNode.java:177)
at ognl.SimpleNode.setValue(SimpleNode.java:246)
at ognl.Ognl.setValue(Ognl.java:476)
cannot be accessed.]
at ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:823)
at ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:823)
at ognl.OgnlRuntime.setMethodValue(OgnlRuntime.java:964)
at ognl.ObjectPropertyAccessor.setPossibleProperty(ObjectPropertyAccessor.java:75)
at ognl.ObjectPropertyAccessor.setProperty(ObjectPropertyAccessor.java:131)
at com.opensymphony.xwork2.ognl.accessor.ObjectAccessor.setProperty(ObjectAccessor.java:28)
at ognl.OgnlRuntime.setProperty(OgnlRuntime.java:1656)
at com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor.setProperty(CompoundRootAccessor.java:50)
at ognl.OgnlRuntime.setProperty(OgnlRuntime.java:1656)
at ognl.ASTProperty.setValueBody(ASTProperty.java:101)
at ognl.SimpleNode.evaluateSetValueBody(SimpleNode.java:177)
at ognl.SimpleNode.setValue(SimpleNode.java:246)
at ognl.Ognl.setValue(Ognl.java:476)
이것을 해결하기 위해서는 security manager를 null로 설정한 listener를 추가해줘야한다.
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
import ognl.OgnlRuntime;
/**
* OgnlRuntime 보안관리자를 널로 설정하는 Servlet 리스너
* @author <a href="mailto:byleem@nextree.co.kr">임병인</a>
* @since 2009. 9. 17.
*/
public class ONGLFixListener implements ServletContextListener, HttpSessionListener, HttpSessionAttributeListener {
/** UID */
private static final long serialVersionUID = 6090732506717974395L;
/**
* 기본생성자
*/
public ONGLFixListener() {
// nothing to do.
}
/* (non-Javadoc)
* @see javax.servlet.ServletContextListener#contextDestroyed(javax.servlet.ServletContextEvent)
*/
public void contextDestroyed(ServletContextEvent sce) {
}
/* (non-Javadoc)
* @see javax.servlet.ServletContextListener#contextInitialized(javax.servlet.ServletContextEvent)
*/
public void contextInitialized(ServletContextEvent sce) {
OgnlRuntime.setSecurityManager(null);
}
...
import javax.servlet.ServletContextListener;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
import ognl.OgnlRuntime;
/**
* OgnlRuntime 보안관리자를 널로 설정하는 Servlet 리스너
* @author <a href="mailto:byleem@nextree.co.kr">임병인</a>
* @since 2009. 9. 17.
*/
public class ONGLFixListener implements ServletContextListener, HttpSessionListener, HttpSessionAttributeListener {
/** UID */
private static final long serialVersionUID = 6090732506717974395L;
/**
* 기본생성자
*/
public ONGLFixListener() {
// nothing to do.
}
/* (non-Javadoc)
* @see javax.servlet.ServletContextListener#contextDestroyed(javax.servlet.ServletContextEvent)
*/
public void contextDestroyed(ServletContextEvent sce) {
}
/* (non-Javadoc)
* @see javax.servlet.ServletContextListener#contextInitialized(javax.servlet.ServletContextEvent)
*/
public void contextInitialized(ServletContextEvent sce) {
OgnlRuntime.setSecurityManager(null);
}
...
그런다음 web.xml에 아래와 같이 추가한다.
<listener>
<description>To change the OgnlRuntime security manager</description>
<listener-class>kr.nextree.ncbcrm.util.ONGLFixListener</listener-class>
</listener>
<description>To change the OgnlRuntime security manager</description>
<listener-class>kr.nextree.ncbcrm.util.ONGLFixListener</listener-class>
</listener>
참고 :
http://programmingpanda.blogspot.com/2009/07/struts-2-ongl-issue-on-google-app.html