[Esapi-user] ESAPI 2.0 for Java & Risk Assessment

Springett Steven sspringett at us.axway.com
Mon Aug 16 18:35:09 EDT 2010

I've recently 'discovered' ESAPI for Java and am evaluating 2.0.  I'm trying to determine the risk involved in including 2.0rc6 in production code. Currently I'm utilizing the Randomizer and SecurityWrapper classes. Possibly more in the future.

I haven't been able to find a roadmap or a list of known issues, so I haven't been able to collect enough information to make a decision yet. So, if any user of the Java 2.0 API can provide feedback on their experience with the API or even some classes/packages to stay away from for the time being, it would very helpful. 

On a related note, is there a target date for 2.0?

The apps I'm working on target Java 1.6.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20100816/0005ed35/attachment.html 

More information about the Esapi-user mailing list