[Owasp-appsensor-project] how to detect if a detection point is created and sone other questions

panos panosx13 at gmail.com
Fri Mar 8 23:21:29 UTC 2013


Hello,

I was wondering if there is a way to detect in my code if a detection 
point is created.

For example i have the code

if ( checkIntrution() )
{
     new AppSensorException("AE8", "Providing Only the Username ", 
"Provided Only the Username");
}

and I want in my code to check if the AE8 has been created is there any 
solution using only the Appsensor API?

alternatively I have thought I way with a boolean variable

for example

boolean isCreated=false;
if ( checkIntrution() )
{
     new AppSensorException("AE8", "Providing Only the Username ", 
"Provided Only the Username");
     isCreated=true;
}

....

if( isCreated )
{
....
}


Also I was wondering if there is a solution on detecting in which action 
is a Detection Point

for example lets say that in esapi.properties I have this:

IntrusionDetector.AE8.actions=log,logout,disable

is there a way to see in which action is a detection point in my source 
code ? for example I want to check if the action is in logout.


Also if a user in not authenticated as I have seen, Appsensor treats him 
like anonymous and the only action that can be applied in an anonymous 
is log.

is there a solution if I want to disable access to an anonymous?

Thanks in advance

Panos


More information about the Owasp-appsensor-project mailing list