Home/ Questions/Q 7537039
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-30T06:44:22+00:00

I am using Spring security 3.0.6 . The following JSP snippet is the culprit

  • 0

I am using Spring security 3.0.6. The following JSP snippet is the culprit :

<sec:authorize access="hasRole('ROLE_PREVIOUS_ADMINISTRATOR')">
                         <a href="<s:url value='/exitUser' />">
                            Switch back to your own role</a>
</sec:authorize>

The following exception is thrown :

    Struts has detected an unhandled exception:
# Messages:     Stream closed
File:   org/apache/jasper/runtime/JspWriterImpl.java
Line number:    210
Stacktraces
java.io.IOException: Stream closed

    org.apache.jasper.runtime.JspWriterImpl.ensureOpen(JspWriterImpl.java:210)
    org.apache.jasper.runtime.JspWriterImpl.flushBuffer(JspWriterImpl.java:115)
    org.apache.jasper.runtime.JspWriterImpl.flush(JspWriterImpl.java:177)
    org.apache.jasper.runtime.JspRuntimeLibrary.include(JspRuntimeLibrary.java:915)
    org.apache.jasper.runtime.PageContextImpl.include(PageContextImpl.java:652)
    org.apache.struts2.dispatcher.ServletDispatcherResult.doExecute(ServletDispatcherResult.java:123)
    org.apache.struts2.dispatcher.StrutsResultSupport.execute(StrutsResultSupport.java:186)
    com.opensymphony.xwork2.DefaultActionInvocation.executeResult(DefaultActionInvocation.java:373)
    com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:277)
    org.apache.struts2.impl.StrutsActionProxy.execute(StrutsActionProxy.java:52)
    org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:498)
    org.apache.struts2.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:434)

I have successfully switched the user to another role and is now trying to display the link to switch back to his own role, but only if he has actually switched. I gather that the user has ROLE_PREVIOUS_ADMINISTRATOR if he has switched roles, and so I am doing the above.

I have included the tag library via :

<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I had not specified 

    <http use-expressions="true">

    in my spring security xml. After having done that, and changing the intercept urls to use expressions in their accepts values, the error disappeared. Wasn’t able to reproduce the error in a simple test application though.

    Edit : Another instance where I found this error was when I was using a custom SPEL expression in the authorize tag, and there was a NullPointerException in the method which handled the expression.

    Basically, it seems that the this error usually hides an underlying error in evaluating the expression used in the authorize (or any) tag

    • 0