Wikipedia

Apache Struts 2

Also found in: Encyclopedia.
(redirected from Apache Struts)
For the predecessor of Apache Struts 2, see Apache Struts 1.
Apache Struts 2
Apache Struts Logo
Developer(s)Apache Software Foundation
Initial releaseOctober 10, 2006
Stable release
2.5.26 / December 6, 2020 (2020-12-06)[1]
RepositoryStruts Repository
Written inJava
Operating systemCross-platform
PlatformCross-platform (JVM)
TypeWeb framework
LicenseApache License 2.0
Websitestruts.apache.org

Apache Struts 2 is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model–view–controller (MVC) architecture. The WebWork framework spun off from Apache Struts 1 aiming to offer enhancements and refinements while retaining the same general architecture of the original Struts framework. In December 2005, it was announced that WebWork 2.2 was adopted as Apache Struts 2, which reached its first full release in February 2007.[2]

Struts 2 has a history of critical security bugs,[3] many tied to its use of OGNL technology;[4] some vulnerabilities can lead to arbitrary code execution. In October 2017, it was reported that failure by Equifax to address a Struts 2 vulnerability advised in March 2017 was later exploited in the data breach that was disclosed by Equifax in September 2017.[5][6]

Features

  • Simple POJO-based actions
  • Simplified testability
  • Thread safe
  • AJAX support
  • Template support
  • Support for different result types
  • Easy to extend with plugins
    • REST plugin (REST-based actions, extension-less URLs)
    • Convention plugin (action configuration via Conventions and Annotations)
    • Spring plugin (dependency injection)
    • Hibernate plugin
    • Support in design
    • JFreechart plugin (charts)
    • jQuery plugin (Ajax support, UI widgets, dynamic table, charts)
    • Rome plugin

See also

  • List of application servers
  • Comparison of web frameworks

References

  1. ^ "06 December 2020 - Struts 2.5.26 General Availability". Retrieved 6 December 2020.
  2. ^ About Apache Struts 2 Archived January 14, 2014, at the Wayback Machine
  3. ^ "Apache Struts : List of security vulnerabilities". cvedetails.com. Retrieved October 2, 2017.
  4. ^ Munoz, Alvaro (January 14, 2014). "Struts 2: OGNL Expression Injections". HPE.com. Retrieved October 2, 2017.
  5. ^ Chirgwin, Richard (October 2, 2017). "Equifax couldn't find or patch vulnerable Struts implementations". The Register. Retrieved October 2, 2017.
  6. ^ Goodin, Dan (October 2, 2017). "A series of delays and major errors led to massive Equifax breach". Ars Technica. Retrieved October 2, 2017.

External links

This article is copied from an article on Wikipedia® - the free encyclopedia created and edited by its online user community. The text was not checked or edited by anyone on our staff. Although the vast majority of Wikipedia® encyclopedia articles provide accurate and timely information, please do not assume the accuracy of any particular article. This article is distributed under the terms of GNU Free Documentation License.

Copyright © 2003-2025 Farlex, Inc Disclaimer
All content on this website, including dictionary, thesaurus, literature, geography, and other reference data is for informational purposes only. This information should not be considered complete, up to date, and is not intended to be used in place of a visit, consultation, or advice of a legal, medical, or any other professional.