Apache Struts 2 is an

open-source Open source is source code that is made freely available for possible modification and redistribution. Products include permission to use and view the source code, design documents, or content of the product. The open source model is a decentrali ...

web application framework A web framework (WF) or web application framework (WAF) is a software framework that is designed to support the development of web applications including web services, web resources, and web APIs. Web frameworks provide a standard way to build and ...

for developing

Java EE Jakarta EE, formerly Java Platform, Enterprise Edition (Java EE) and Java 2 Platform, Enterprise Edition (J2EE), is a set of specifications, extending Java SE with specifications for enterprise features such as distributed computing and web serv ...

web application A web application (or web app) is application software that is created with web technologies and runs via a web browser. Web applications emerged during the late 1990s and allowed for the server to dynamically build a response to the request, ...

s. It uses and extends the

Java Servlet A Jakarta Servlet, formerly Java Servlet is a Java (programming language), Java software component that extends the capabilities of a server (computing), server. Although servlets can respond to many types of requests, they most commonly impl ...

API An application programming interface (API) is a connection between computers or between computer programs. It is a type of software interface, offering a service to other pieces of software. A document or standard that describes how to build ...

to encourage developers to adopt a

model–view–controller Model–view–controller (MVC) is a software architectural pattern commonly used for developing user interfaces that divides the related program logic into three interconnected elements. These elements are: * the model, the internal representat ...

(MVC) architecture. The WebWork framework spun off from

Apache Struts 1 Apache Struts 1 is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model–view–controller (MVC) architecture. It was originally crea ...

aiming to offer enhancements and refinements while retaining the same general architecture of the original Struts framework. In December 2005, it was announced that WebWork 2.2 was adopted as Apache Struts 2, which reached its first full release in February 2007. Struts 2 has a history of critical security bugs, many tied to its use of OGNL technology; some vulnerabilities can lead to

arbitrary code execution In computer security, arbitrary code execution (ACE) is an attacker's ability to run any commands or code of the attacker's choice on a target machine or in a target process. An arbitrary code execution vulnerability is a security flaw in softwa ...

. In October 2017, it was reported that failure by

Equifax Equifax Inc. is an American multinational consumer credit reporting agency headquartered in Atlanta, Atlanta, Georgia and is one of the three largest consumer credit reporting agency, consumer credit reporting agencies, along with Experian and T ...

to address a Struts 2 vulnerability advised in March 2017 was later exploited in the

data breach A data breach, also known as data leakage, is "the unauthorized exposure, disclosure, or loss of personal information". Attackers have a variety of motives, from financial gain to political activism, political repression, and espionage. There ...

that was disclosed by Equifax in September 2017.

Features

* Simple POJO-based actions * Simplified testability * Thread safe *

AJAX Ajax may refer to: Greek mythology and tragedy * Ajax the Great, a Greek mythological hero, son of King Telamon and Periboea * Ajax the Lesser, a Greek mythological hero, son of Oileus, the king of Locris * Ajax (play), ''Ajax'' (play), by the an ...

support ** jQuery plugin **

Dojo Toolkit Dojo Toolkit (stylized as dōjō toolkit) is an open-source modular JavaScript library (or more specifically JavaScript toolkit) designed to ease the rapid development of cross-platform, JavaScript/ Ajax-based applications and web sites. It was ...

plugin (deprecated) ** Ajax client-side validation * Template support * Support for different result types * Easy to extend with plugins **

REST REST (Representational State Transfer) is a software architectural style that was created to describe the design and guide the development of the architecture for the World Wide Web. REST defines a set of constraints for how the architecture of ...

plugin (REST-based actions, extension-less URLs) ** Convention plugin (action configuration via Conventions and Annotations) ** Spring plugin (

dependency injection In software engineering, dependency injection is a programming technique in which an object or function receives other objects or functions that it requires, as opposed to creating them internally. Dependency injection aims to separate the con ...

) **

Hibernate Hibernation is a state of minimal activity and metabolic reduction entered by some animal species. Hibernation is a seasonal heterothermy characterized by low body-temperature, slow breathing and heart-rate, and low metabolic rate. It is most ...

plugin ** Support in design ** JFreechart plugin (charts) ** jQuery plugin (Ajax support, UI widgets, dynamic table, charts) ** Rome plugin

Citations

References

External links

* {{Java (Sun) Struts 2 Cross-platform free software Free software programmed in Java (programming language) Java enterprise platform Web frameworks Software using the Apache license 2006 software

Features

See also

Citations

References

External links