Uses of Package
org.owasp.esapi
-
Packages that use org.owasp.esapi Package Description org.owasp.esapi The ESAPI interfaces andException
classes model the most important security functions to enterprise web applications.org.owasp.esapi.errors A set of exception classes designed to model the error conditions that frequently arise in enterprise web applications and web services.org.owasp.esapi.logging.appender org.owasp.esapi.logging.java org.owasp.esapi.logging.log4j org.owasp.esapi.logging.slf4j org.owasp.esapi.reference This package contains reference implementations of the ESAPI interfaces.org.owasp.esapi.reference.accesscontrol org.owasp.esapi.reference.accesscontrol.policyloader org.owasp.esapi.reference.crypto This package contains the reference implementation for some of the ESAPI cryptography-related classes used throughout ESAPI.org.owasp.esapi.reference.validation This package contains data format-specific validation rule functions.org.owasp.esapi.tags This package contains sample JSP tags that demonstrate how to use the ESAPI functions to protect an application from within a JSP page.org.owasp.esapi.waf.rules This package contains all of the Rule subclasses that correspond to policy file entries. -
Classes in org.owasp.esapi used by org.owasp.esapi Class Description AccessController The AccessController interface defines a set of methods that can be used in a wide variety of applications to enforce access control.Authenticator The Authenticator interface defines a set of methods for generating and handling account credentials and session identifiers.Encoder TheEncoder
interface contains a number of methods for decoding input and encoding output so that it will be safe for a variety of interpreters.Encryptor The Encryptor interface provides a set of methods for performing common encryption, random number, and hashing operations.ExecuteResult The ExecuteResult class encapsulates the pieces of data that can be returned from a process executed by the Executor interface.Executor The Executor interface is used to run an OS command with reduced security risk.HTTPUtilities The HTTPUtilities interface is a collection of methods that provide additional security related to HTTP requests, responses, sessions, cookies, headers, and logging.IntrusionDetector The IntrusionDetector interface is intended to track security relevant events and identify attack behavior.Logger The Logger interface defines a set of methods that can be used to log security events.Logger.EventType Defines the type of log event that is being generated.Randomizer The Randomizer interface defines a set of methods for creating cryptographically random numbers and strings.SecurityConfiguration TheSecurityConfiguration
interface stores all configuration information that directs the behavior of the ESAPI implementation.SecurityConfiguration.Threshold Models a simple threshold as a count and an interval, along with a set of actions to take if the threshold is exceeded.User The User interface represents an application user or user account.ValidationErrorList The ValidationErrorList class defines a well-formed collection of ValidationExceptions so that groups of validation functions can be called in a non-blocking fashion.ValidationRule Validator The Validator interface defines a set of methods for canonicalizing and validating untrusted input. -
Classes in org.owasp.esapi used by org.owasp.esapi.errors Class Description Logger The Logger interface defines a set of methods that can be used to log security events. -
Classes in org.owasp.esapi used by org.owasp.esapi.logging.appender Class Description Logger.EventType Defines the type of log event that is being generated. -
Classes in org.owasp.esapi used by org.owasp.esapi.logging.java Class Description LogFactory The LogFactory interface is intended to allow substitution of various logging packages, while providing a common interface to access them.Logger The Logger interface defines a set of methods that can be used to log security events.Logger.EventType Defines the type of log event that is being generated. -
Classes in org.owasp.esapi used by org.owasp.esapi.logging.log4j Class Description LogFactory The LogFactory interface is intended to allow substitution of various logging packages, while providing a common interface to access them.Logger The Logger interface defines a set of methods that can be used to log security events.Logger.EventType Defines the type of log event that is being generated. -
Classes in org.owasp.esapi used by org.owasp.esapi.logging.slf4j Class Description LogFactory The LogFactory interface is intended to allow substitution of various logging packages, while providing a common interface to access them.Logger The Logger interface defines a set of methods that can be used to log security events.Logger.EventType Defines the type of log event that is being generated. -
Classes in org.owasp.esapi used by org.owasp.esapi.reference Class Description AccessController The AccessController interface defines a set of methods that can be used in a wide variety of applications to enforce access control.AccessReferenceMap The AccessReferenceMap interface is used to map from a set of internal direct object references to a set of indirect references that are safe to disclose publicly.Authenticator The Authenticator interface defines a set of methods for generating and handling account credentials and session identifiers.Encoder TheEncoder
interface contains a number of methods for decoding input and encoding output so that it will be safe for a variety of interpreters.ExecuteResult The ExecuteResult class encapsulates the pieces of data that can be returned from a process executed by the Executor interface.Executor The Executor interface is used to run an OS command with reduced security risk.HTTPUtilities The HTTPUtilities interface is a collection of methods that provide additional security related to HTTP requests, responses, sessions, cookies, headers, and logging.IntrusionDetector The IntrusionDetector interface is intended to track security relevant events and identify attack behavior.Logger The Logger interface defines a set of methods that can be used to log security events.Randomizer The Randomizer interface defines a set of methods for creating cryptographically random numbers and strings.SecurityConfiguration TheSecurityConfiguration
interface stores all configuration information that directs the behavior of the ESAPI implementation.SecurityConfiguration.Threshold Models a simple threshold as a count and an interval, along with a set of actions to take if the threshold is exceeded.User The User interface represents an application user or user account.ValidationErrorList The ValidationErrorList class defines a well-formed collection of ValidationExceptions so that groups of validation functions can be called in a non-blocking fashion.ValidationRule Validator The Validator interface defines a set of methods for canonicalizing and validating untrusted input. -
Classes in org.owasp.esapi used by org.owasp.esapi.reference.accesscontrol Class Description AccessController The AccessController interface defines a set of methods that can be used in a wide variety of applications to enforce access control.AccessControlRule Logger The Logger interface defines a set of methods that can be used to log security events. -
Classes in org.owasp.esapi used by org.owasp.esapi.reference.accesscontrol.policyloader Class Description AccessControlRule Logger The Logger interface defines a set of methods that can be used to log security events. -
Classes in org.owasp.esapi used by org.owasp.esapi.reference.crypto Class Description EncryptedProperties TheEncryptedProperties
interface represents a properties file where all the data is encrypted before it is added, and decrypted when it retrieved.Encryptor The Encryptor interface provides a set of methods for performing common encryption, random number, and hashing operations. -
Classes in org.owasp.esapi used by org.owasp.esapi.reference.validation Class Description Encoder TheEncoder
interface contains a number of methods for decoding input and encoding output so that it will be safe for a variety of interpreters.ValidationErrorList The ValidationErrorList class defines a well-formed collection of ValidationExceptions so that groups of validation functions can be called in a non-blocking fashion.ValidationRule -
Classes in org.owasp.esapi used by org.owasp.esapi.tags Class Description Encoder TheEncoder
interface contains a number of methods for decoding input and encoding output so that it will be safe for a variety of interpreters. -
Classes in org.owasp.esapi used by org.owasp.esapi.waf.rules Class Description Logger The Logger interface defines a set of methods that can be used to log security events.