[Esapi-user] Problems with esapi

Jörg Liedl joerg.liedl at student.htw-berlin.de
Tue Mar 6 07:36:49 UTC 2012 

Okay, thanks to some guy on stack overflow the problem is solved....
my problem was that the log4j was twice in the classpath so there was 
some probleme with that...

so the correct pom.xml looks now like this:
<dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
<version>2.0.1</version>
<exclusions>
<exclusion>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
</exclusions>
</dependency>

and: the TestController.java was a bad example... not working because it 
needed some SwingSet Stuff....

but if i use in the Testcontroller something like:

     public String esapiTest(){
             String clean = ESAPI.encoder().canonicalize("someString");
             Randomizer r=ESAPI.randomizer();
             System.out.println("R: "+ r);
             System.out.println("CLEAN: "+clean);
             return "r was: "+ r + " and is in clean "+clean;
     }

It works perfekt!

I hope this will help somebody else too!

Jörg



Am 04.03.2012 18:47, schrieb Jörg Liedl:
> Hi,
> I have a small Blog project programmed, and i want to improve all 
> inputs and actions with the ESAPI.
>
> The project is JAVA EE6 on a JBoss-AS 7.1 using JSF
>
> I integrated esapi into my project with maven:
>
> <!-- ESAPI Version 2.0.1 -->
> <dependency>
> <groupId>org.owasp.esapi</groupId>
> <artifactId>esapi</artifactId>
> <version>2.0.1</version>
> </dependency>
>
> i also included the .esapi folder in the server start (thats where i 
> copied it)
>  -Dorg.owasp.esapi.resources=/home/joergi/.esapi/
>
> I looked at the ESAPI install guide ( 
> http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/esapi4java-core-2.0-install-guide.pdf 
> ) and copied the example into my TestController.java..
> |@ManagedBean(name="testController")
> @RequestScoped
> public class TestController  {
>
>      public String esapiTest(){
>
>      System.out.println("ESAPI.accessController found: "
>                                 + ESAPI.accessController());
>
>      return "ESAPI.accessController found: " + ESAPI.accessController();
>      }
> }|
>
> test.xhtml looks like this:
> <?xml version="1.0" encoding="UTF-8"?>
> <ui:composition xmlns="http://www.w3.org/1999/xhtml"
> xmlns:ui="http://java.sun.com/jsf/facelets"
> xmlns:h="http://java.sun.com/jsf/html">
> <ui:define name="content">
> <h2>esapi test</h2>
> <h:outputText value="#{testController.esapiTest()}" />
> </ui:define>
> </ui:composition>
>
> and i got this error message: http://pastebin.com/6an0awMc
>
> so i'm not really sure, if the integration is workig as it should work.
>
> because when i start the original swingset project, i got something like:
> |Seeking ESAPI.properties
>    Not found in 'org.owasp.esapi.resources' directory or file not readable: /home/joergi/dev/projects/esapi_demo_1punkt0/ESAPI.properties
>    Found in 'user.home' directory: /home/joergi/.esapi/ESAPI.properties
> Loaded 'ESAPI.properties' properties file
> Seeking validation.properties
>    Not found in 'org.owasp.esapi.resources' directory or file not readable: /home/joergi/dev/projects/esapi_demo_1punkt0/validation.properties
>    Found in 'user.home' directory: /home/joergi/.esapi/validation.properties
> Loaded 'validation.properties' properties file
> Seeking ESAPI_logging_file
>    Not found in 'org.owasp.esapi.resources' directory or file not readable: /home/joergi/dev/projects/esapi_demo_1punkt0/ESAPI_logging_file
>    Found in 'user.home' directory: /home/joergi/.esapi/ESAPI_logging_file|
>
> But in my project i don't see the "seeking esapi.properties" lines 
> when the server starts...
>
> I briefly described my problem on stack overflow
>
> http://stackoverflow.com/questions/9543218/owasp-esapi-simpletest-in-a-maven-java-ee-project
>
> I don't know what i missed to integrate it...
>
> Thanks for your help
>
> Jörg
>
>
>
> _______________________________________________
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-user

-- 
Jörg Liedl

Mobile:  +49 (0) 176 77 640 540

Xing:    https://xing.com/profile/Joerg_Liedl
FB:      https://fb.com/joerg.liedl
Twitter: https://twitter.com/joerg_liedl

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20120306/76ef03ae/attachment.html>

More information about the Esapi-user mailing list