[Esapi-dev] Accesing esapi.properties in restricted environment
Calderon, Juan Carlos (GE, Corporate, consultant)
juan.calderon at ge.com
Thu Sep 2 13:37:18 EDT 2010
I know the discovery process (I am familiar with the
SecurityConfiguration class). But I cannot find a way to indicate ESAPI
that configuration files will be in let's say /.esapi/ESAPI.properties
without modifying the code. Just want to confirm I am not missing
Could you let me know how to indicate ESAPI to load a file in the
Juan C Calderon
From: Jim Manico [mailto:jim.manico at owasp.org]
Sent: Jueves, 02 de Septiembre de 2010 12:30 p.m.
To: Calderon, Juan Carlos (GE, Corporate, consultant)
Cc: ESAPI-Developers; <esapi-user at lists.owasp.org>
Subject: Re: Accesing esapi.properties in restricted environment
It should work fine - we have pretty extensive auto-discovery code in
our property file loading mechanism. If it doesn't work, please send me
your log output.
jim at manico.net
On Sep 2, 2010, at 6:55 AM, "Calderon, Juan Carlos (GE, Corporate,
consultant)" <juan.calderon at ge.com> wrote:
> Hello List/Jim
> We are implementing ESAPI in an application hosted in a very
> restricted environment, thus we have to put the ESAPI.properties file
> in a webspace folder since all classpath paths are not accessible (not
> even those in
> WEB-INF) and since this is a server we are not managing, then we
> cannot place files outside of webspace.
> Is there any way to do this?
> Juan C Calderon
More information about the Esapi-dev