[Esapi-user] ESAPI - Logging

Jim Manico jim.manico at owasp.org
Mon May 10 13:21:03 EDT 2010


Willie,

The big benefit of ESAPI logging is:

1) Built in log injection prevention
2) Security-centric log messages (which is lacking from all other 
logging frameworks)
3) Logging integration with the various ESAPI components

Before we go any further - what version of ESAPI Are you using?

Thank you for considering ESAPI! :)

-- 
Jim Manico
OWASP Podcast Host/Producer
OWASP ESAPI Project Manager
http://www.manico.net



> Hi Guys
>
> I have recently started with an integration of ESAPI into our current 
> application,
> we currently use commons logging as a logging framework with log4j 
> plugged in..
>
> what would you suggest we use for logging, ESAPI or Commons Logging?
>  this is hard because we have a very big system with
>
>  private static final Log LOG = LogFactory.getLog(A.class);
>
> statements everywhere, would you suggest that I change it to 
> ESAPI.getLogger(A.class) ?
>
>
> Thank you very much
> -- 
> Sincerely
> Willie Scholtz
>
>
> _______________________________________________
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-user
>    


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20100510/a8c64443/attachment.html 


More information about the Esapi-user mailing list