[Esapi-user] Has anyone written a GUI to manage ESAPI configuration file settings?

Mike Boberski mike.boberski at gmail.com
Wed Jan 27 20:20:34 EST 2010


Exactly, yes, that's what I meant, like that. E.g. dragging an email square
onto a validator circle, double clicking on the email square to tailor the
default email regex, and then click submit and the ESAPI config file is
saved and then available for export.

I don't know the particulars of others' experiences bringing ESAPI to
development teams other than what I can glean from the lists, but I am
finding that it's exactly analogous to bringing PKI toolkits (both COTS and
customized) to development teams which I did for many years, for which there
are many lessons learned which can be applied here, like putting a GUI on
configuration editors, like taking the "extended factory" approach to wrap
the heck out of things for specific customers, developing compliance tests
etc., and (you guessed it) documentation, documentation, documentation.

</dream>, well-put.

Mike


On Wed, Jan 27, 2010 at 8:09 PM, Jeff Williams <
jeff.williams at aspectsecurity.com> wrote:

> I like this idea and think it would go a long way towards making ESAPI
> easy to understand and use. Actually, it should really be an enterprise
> security policy editor that saves to a format that ESAPI can read. I'm
> thinking of wizards that present options so that people with authority
> can make informed decisions about appsec. </dream>
>
> --Jeff
>
>
> -----Original Message-----
> From: esapi-user-bounces at lists.owasp.org
> [mailto:esapi-user-bounces at lists.owasp.org] On Behalf Of Boberski,
> Michael [USA]
> Sent: Monday, January 25, 2010 3:52 PM
> To: Kevin W. Wall
> Cc: ESAPI-Users
> Subject: Re: [Esapi-user] Has anyone written a GUI to manage ESAPI
> configuration file settings?
>
> Something more content aware, right.
>
> Mike B.
>
> -----Original Message-----
> From: Kevin W. Wall [mailto:kevin.w.wall at gmail.com]
> Sent: Monday, January 25, 2010 3:50 PM
> To: Boberski, Michael [USA]
> Cc: ESAPI-Users
> Subject: Re: [Esapi-user] Has anyone written a GUI to manage ESAPI
> configuration file settings?
>
> Boberski, Michael [USA] wrote:
> > Hi,
> >
> > Has anyone (1)written a GUI-based utility (either a heavy client or
> web-based) to manage ESAPI configuration files that (2)they might be
> interested in sharing?
>
> Isn't there perhaps an Eclipse plugin for managing Java properties
> files?
>
> I know there are Eclipse plugins for managing XML. (E.g., the POM XML
> editor.) Is that what you are thinking of or were you thinking that is
> more context aware?
>
> -kevin
> --
> Kevin W. Wall
> "The most likely way for the world to be destroyed, most experts agree,
> is by accident. That's where we come in; we're computer professionals.
> We cause accidents."        -- Nathaniel Borenstein, co-creator of MIME
> _______________________________________________
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-user
> _______________________________________________
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20100127/fdb56bc8/attachment.html 


More information about the Esapi-user mailing list