OGNL performs security detection but is not supported by GAE. The solution is to create a listener and leave the security check processor empty.
OgnlRuntime. setSecurityManager (null );
Add web. xml
<listener><listener-class>com.llx.gps.listener.Struts2ListenerOnGAE</listener-class></listener>
package com.llx.gps.listener;import javax.servlet.ServletContextEvent;import javax.servlet.ServletContextListener;import javax.servlet.http.HttpSessionAttributeListener;import javax.servlet.http.HttpSessionBindingEvent;import javax.servlet.http.HttpSessionEvent;import javax.servlet.http.HttpSessionListener;import ognl.OgnlRuntime;public class Struts2ListenerOnGAE implements ServletContextListener, HttpSessionListener, HttpSessionAttributeListener {public void contextInitialized(ServletContextEvent sce) {OgnlRuntime.setSecurityManager(null);}@Overridepublic void contextDestroyed(ServletContextEvent arg0) {// TODO Auto-generated method stub}@Overridepublic void sessionCreated(HttpSessionEvent arg0) {// TODO Auto-generated method stub}@Overridepublic void sessionDestroyed(HttpSessionEvent arg0) {// TODO Auto-generated method stub}@Overridepublic void attributeAdded(HttpSessionBindingEvent arg0) {// TODO Auto-generated method stub}@Overridepublic void attributeRemoved(HttpSessionBindingEvent arg0) {// TODO Auto-generated method stub}@Overridepublic void attributeReplaced(HttpSessionBindingEvent arg0) {// TODO Auto-generated method stub}}