-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Medium
-
Affects Version/s: 8.6.1, 8.5.5
-
Component/s: Other
-
19
-
Severity 3 - Minor
-
65
Issue Summary
This is reproducible on Data Center: Yes
Steps to Reproduce
- Install 8.6.1 Confluence
- Login to Confluence and perform any action
- atlassian-confluence.log file will be spammed with the below warning messages
Expected Results
Should not spam the log file.
Actual Results
The below exception is thrown in the xxxxxxx.log file:
2023-11-10 19:33:38,617 WARN [http-nio-8090-exec-3 url: /, /dashboard.action; user: admin] [opensymphony.xwork2.ognl.SecurityMemberAccess] isAccessible Access to non-public [protected com.atlassian.confluence.setup.settings.SettingsManager com.atlassian.confluence.core.ConfluenceActionSupport.settingsManager] is blocked! -- url: / | userName: admin | traceId: 3e847c830d995d49 2023-11-10 19:34:13,991 WARN [http-nio-8090-exec-5 url: /display/TEST/New+Page, /pages/viewpage.action; user: admin] [opensymphony.xwork2.ognl.SecurityMemberAccess] isAccessible Access to non-public [protected com.atlassian.confluence.setup.settings.SettingsManager com.atlassian.confluence.core.ConfluenceActionSupport.settingsManager] is blocked! -- url: /display/TEST/New+Page | userName: admin | referer: http://localhost:8090/ | traceId: e3549de2a1869951 2023-11-10 19:34:46,784 WARN [http-nio-8090-exec-7 url: /display/TEST/Test, /pages/viewpage.action; user: admin] [opensymphony.xwork2.ognl.SecurityMemberAccess] isAccessible Access to non-public [protected com.atlassian.confluence.setup.settings.SettingsManager com.atlassian.confluence.core.ConfluenceActionSupport.settingsManager] is blocked! -- page: 98361 | referer: http://localhost:8090/pages/resumedraft.action?draftId=98378&draftShareId=4158ee81-1555-4d7c-a704-13080fe205fd& | traceId: f92e3d5b387400ef | userName: admin | action: viewpage | url: /display/TEST/Test 2023-11-10 19:34:46,827 WARN [http-nio-8090-exec-7 url: /display/TEST/Test, /pages/viewpage.action; user: admin] [opensymphony.xwork2.ognl.SecurityMemberAccess] isAccessible Access to non-public [protected com.atlassian.confluence.setup.settings.SettingsManager com.atlassian.confluence.core.ConfluenceActionSupport.settingsManager] is blocked! -- url: /display/TEST/Test | userName: admin | referer: http://localhost:8090/pages/resumedraft.action?draftId=98378&draftShareId=4158ee81-1555-4d7c-a704-13080fe205fd& | traceId: f92e3d5b387400ef
Workaround
- Edit the <confluence-install-folder>/confluence/WEB-INF/classes/log4j.properties file
- Add these entries at the end of the file:
log4j.logger.com.opensymphony.xwork2.ognl.SecurityMemberAccess=ERROR
- Save the file and restart your Confluence instance.