本文介绍了Maven项目(Web)中OWASP ESAPI文件的位置的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试在我的Maven Web项目中使用OWASP ESAPI库。我面临的问题是控制器无法找到ESAPI属性文件。

I am trying to use OWASP ESAPI library in my Maven Web Project.The problem i am facing is that the controllers are not able to find the ESAPI properties file.

我尝试将它们放在资源文件夹中,但它不起作用。我似乎无法使其正常工作。

I tried putting them in the resources folder ,but it does not work.I can't seem to get it working.

有人可以帮助我找到正确的位置Maven项目中的ESAPI资源。

Can someone help me with the correct location of ESAPI resources in a Maven Project.

推荐答案

实现类的类Javadoc,[DefaultSecurityConfiguration](),描述了如何找到ESAPI.property类。它相当复杂,并且已经在ESAPI用户邮件列表上多次讨论过,因此您会感到困惑并不奇怪。 (如果有人花时间创建一个问题,这是我认为应该在ESAPI FAQ中的第一个问题。)

The class Javadoc for the implementation class, [DefaultSecurityConfiguration] (http://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/owasp/esapi/reference/DefaultSecurityConfiguration.html), describes how the ESAPI.property class is found. It is rather complicated and has been discussed several times on the ESAPI User mailing list so it is not surprising you are confused. (This is the first questions that I feel should be in an ESAPI FAQ if someone ever takes the time to create one.)

我们在Maven中发现了一些错误这样,如果ESAPI.properties文件的完整路径包含其中的任何空格(例如,C:\Documents and Settings \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ ,Maven似乎窒息而无法找到它。 (注意,如果这是你的路径,你可以告诉Maven查看C:\Docume~1 \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\工作。)

There also some bugs that we found in Maven such that if the full path to your ESAPI.properties file contains any spaces in it (e.g., "C:\Documents and Settings\kww\code\ESAPI\configuration\esapi\ESAPI.properties"), Maven seems to choke on it and is unable to find it. (Note, if this were your path, you could tell Maven to look under "C:\Docume~1\kww\code\ESAPI\configuration\esapi\ESAPI.properties" instead, and that seems to work.)

我通常建议人们将系统属性org.owasp.esapi.resources从java命令行设置为某个文件夹没有空格并在那里复制您的ESAPI.properties。 (这也在前面提到的Javadoc中讨论过。)

What I normally suggest to people is to set the system property "org.owasp.esapi.resources" from the java command line to some folder that has no spaces and copy your ESAPI.properties under there. (This is also discussed in the aforementioned Javadoc.)

最后,如果你感到困惑,请看一下src / examples / scripts下的一些Bash脚本,例如runclass.sh,并希望(如果你能阅读Bash),这应该告诉你这是如何工作的。

Lastly, should you get confused, take a look at some of the Bash scripts under "src/examples/scripts", such as "runclass.sh" and hopefully (if you can read Bash), that should show you how this works.

希望有所帮助。
-kevin

Hope that helps.-kevin

这篇关于Maven项目(Web)中OWASP ESAPI文件的位置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

10-15 22:04