[Esapi-user] IntrusionException and IntrusionDetector

• Previous message: [Esapi-user] Regars Strong Password Generating
• Next message: [Esapi-user] IntrusionException and IntrusionDetector
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
 
I need some help on understanding Intrusion detection. The Validator interface throws IntrusionException. The JavaDoc says "input that is clearly an attack will generate a descriptive IntrusionException." My question is how the intrusion is detected? what 'clearly' means in here? Any sceneraio is appreciated.
 
Suppose, an intrusion is detected. I assume the ESAPI.IntrusionDetector (org.owasp.esapi.reference.DefaultIntrusionDetector, for example)defined in the config file will be notified. Can I assume the IntrusionDetector will be invoked automatically whenever IntrusionException is thrown? How it works?
 
Thank you.
 
Jim 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20110623/241713cd/attachment.html 

• Previous message: [Esapi-user] Regars Strong Password Generating
• Next message: [Esapi-user] IntrusionException and IntrusionDetector
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]