[OWASP-ESAPI] Using Other Authenticators

Jim Manico jim.manico at owasp.org
Wed Mar 11 14:50:21 EDT 2009

Ah, the idea came from those much smarter than I (Dave and Jeff) - I'm just 
the code monkey. =)

But I do agree, it's a great idea that is long in coming. It will be out in 
the next ESAPI production release.

- Jim

----- Original Message ----- 
From: "John Melton" <jtmelton at gmail.com>
To: "Jim Manico" <jim.manico at owasp.org>
Cc: <owasp-esapi at lists.owasp.org>
Sent: Wednesday, March 11, 2009 8:44 AM
Subject: Re: [OWASP-ESAPI] Using Other Authenticators

Great idea Jim - would be very useful.

On Wed, Mar 11, 2009 at 2:37 PM, Jim Manico <jim.manico at owasp.org> wrote:
> On the topic of using your own Authentication mechanism inside of ESAPI; 
> I'm
> currently working on a few changes in ESAPI that will allow you to specify
> your own implementation at configuration time.
> For example, I've recently checked a new logger into ESAPI -
> Log4JLogFactory. We already have JavaLogFactory.I built a mechanism so
> that either can be specificed at config time in ESAPI.properties like so:
> Implementation.Logger=org.owasp.esapi.reference.JavaLogFactory
> or
> Implementation'Logger=org.owasp.esapi.reference.JavaLogFactory
> I'm going to explode the same concept out Authenticator, Validator and all
> the other top-level classes of ESAPI.
> Cool?
> - Jim
> _______________________________________________
> OWASP-ESAPI mailing list
> OWASP-ESAPI at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-esapi

More information about the OWASP-ESAPI mailing list