These are the notes for the Struts 2.0.9 distribution.

Struts 2.0.9 corrects a serious security flaw in one of our dependencies. All users are encouraged to update to Struts 2.0.9 or to utilize the XWork 2.0.4 JAR with a prior release of Struts 2.

For prior notes in this release series, see Release Notes 2.0.8

• If you are a Maven user, you might want to get started using the Maven Archetype.
• Another quick-start entry point is the blank application. Rename and deploy the WAR as a starting point for your own development.

<dependency>
  <groupId>org.apache.struts</groupId>
    <artifactId>struts2-core</artifactId>
      <version>2.0.9</version>
</dependency>

<repositories>
  <repository>
    <id>apache.snapshots</id>
    <name>ASF Maven 2 Snapshot</name>
    <url>http://people.apache.org/repo/m2-snapshot-repository</url>
  </repository>
</repositories>

Significant Fixes

• This release utilizes XWork 2.0.4 which prevents OGNL evaluations of user input.
• For other changes, see the JIRA release notes.

Experimental Features and Plugins

Please help us test these brave new features. Feedback appreciated!

• Java 1.4 support: We are backporting the core Struts and XWork JARs, and, as a courtesy, bundling them with the distribution. However, Struts 2 is being coded for Java 5 and backward compatibility is not assured.
• Cookie Interceptor: Inject cookie with a certain configurable name / value into action (since 2.0.7) (WW-1678).
• Portlets: Automatic portlet support allows portal and servlet deployments with no code changes (WW-1645@S2jira).
• AJAX Theme: AJAX tags look and feel just like standard Struts tags but provide greater interactivity and flexibility. The AJAX theme is backed by the popular Dojo Toolkit (WW-1609).
• Zero Configuration: Optionally, eliminate or reduce XML configuration with convention and annotation (WW-1491).
• REST-ful URLs: Use search-engine friendly URLs, like category/action/movie/Thrillers (WW-1475).
• Experimental Plugins
  • Codebehind Plugin: Reduce mundane configuration by using "page controller" conventions (WW-1515).
  • Plexus Plugin - A new plugin that enables Struts Actions, Interceptors, and Results to be created and injected by Plexus.
  • Scope Plugin - Initial version of scope plugin that mimics JBoss Seam-style of scoped bijection (presently in the Sandbox).
  • Struts1 Plugin - A new plugin that allows you to use existing Struts 1 Actions and ActionForms in Struts 2 applications..
  • Tiles Plugin - A new plugin allows your Struts actions to return Tiles pages. The Tiles plugin is dependant on Tiles 2, which is still in beta.

Issue Detail

• JIRA Release Notes 2.0.9
• JIRA Release Notes 2.0.8
• JIRA Release Notes 2.0.7
• JIRA Release Notes 2.0.6
• JIRA Release Notes 2.0.5
• JIRA Release Notes 2.0.4
• JIRA Release Notes 2.0.3
• JIRA Release Notes 2.0.2
• JIRA Release Notes 2.0.1
• JIRA Release Notes 2.0.0

Issue List

• Struts 2.0.9 DONE
• Struts 2.0.9 TODO

Other resources

• Commit Logs (Struts 1 and Struts 2)
• Source Code Repository (includes change browsing)

Release Plan

• Struts 2.0.9 is a milestone version in the 2.0.x series. Struts 2.0.8 is the prior GA release.
• The Release Managers are James Holmes and Ted Husted.
• The tag date for the release is 23 July 2007.