[Esapi-user] [Wiki content sprint] Call for contributors!

Boberski, Michael [USA] boberski_michael at bah.com
Wed Apr 28 09:41:49 EDT 2010


The ESAPI for Java project needs your help to put some additional documentation into place. Writing things down helps minimize rote questions, promote the use/adoption of ESAPI, and attracts project contributors.

The project is specifically looking for help add content to the Google Code wiki here: http://code.google.com/p/owasp-esapi-java/wiki/esapi4java_v2

The basic outline is this:

# ESAPI for Java 2.x
    * Getting started
    * Preparing to use ESAPI
    * General concepts
    * Sample usage
    * Sample applications
    * Appendix - Additional versions
    * Appendix - Additional references

Assignments will be tracked like this, by annotating the table of contents:

    + Quick-and-dirty remediation use case (Assigned to Jeff, 0% complete)

We'll use this worked example to figure out what pages should look like in terms of depth/breadth/etc.: http://pkif.sourceforge.net/pkif-docs/docs/Help/Getting_Started.html , see how this isn't Shakespeare that we need:

# Linux Installation
    * PKIFv2 is installed by extracting PKIFv2 distribution package to an appropriate location.
    * Specify PKIF_HOME environment variable which points to PKIFv2 distribution directory.
    * Add the location of the bin directory from PKIFv2 distrubution package to LD_LIBRARY_PATH.

Using big long fancy words of the day or excessively chatty explanations will actually attract my attention in a negative way, the red pen comes out quick.

With the above in mind then, here is a first set of sections that are currently available to work on:

    * Preparing to use ESAPI
          o Installing ESAPI for Java
          o Using ESAPI for Java with Eclipse version ...
          o Using ESAPI for Java with ... (please coordinate with Jim to figure out what's supported)
    * Sample usage
          o OWASP ASVS Level 1A
                + ...
                + OWASP-0500 Input Validation
                      # OWASP-0501 Not applicable
                      # OWASP-0502 Code sample
                + ... (please see ASVS to figure out what samples are needed here: http://code.google.com/p/owasp-asvs/wiki/Verification)
    * Sample applications
          o Hello World
          o ESAPI Swingset

Assignments will be made on a first-come, first-serve basis; just email the list and I'll update the wiki TOC as described above. People are encouraged to team up to work on sections together. The first person to volunteer should be considered the lead, of course folks can work out between themselves whatever arrangement they wish. On this list I probably don't have to say it, but for completeness I will: please email the list with questions/comments/status updates as you go. I'd like to have a first cut at every section in 2-3 weeks (except for "Sample usage", just a few of those done), and begin detailed reviews (and fill out "Sample usage") the 2-3 weeks after that.

Thanks in advance,


Mike B.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20100428/652133eb/attachment.html 

More information about the Esapi-user mailing list