-
Notifications
You must be signed in to change notification settings - Fork 368
Installing ESAPI for JAVA
Kevin W. Wall edited this page Jul 10, 2022
·
4 revisions
ESAPI for Java installation is the same on Windows and Linux platforms.
ESAPI for Java is installed by extracting the ESAPI distribution package to an appropriate location.
The following is the distribution structure for the ESAPI for Java 2.x release distributions:
esapi-java-legacy
|-- <various text and xml configuration files>
|-- configuration
| |-- esapi
| | |-- ESAPI-AccessControlPolicy.xml
| | |-- ESAPI.properties
| | |-- antisamy-esapi.xml
| | |-- users.txt
| | |-- validation.properties
| | |-- waf-policies
| | | |-- add-header-policy.xml
| | | |-- add-httponly-policy.xml
| | | |-- add-secure-policy.xml
| | | |-- authentication-policy.xml
| | | |-- bean-shell-policy.xml
| | | |-- bean-shell-rule.bsh
| | | |-- detect-outbound-policy.xml
| | | |-- dynamic-insertion-policy.xml
| | | |-- enforce-https-policy.xml
| | | |-- must-match-policy.xml
| | | |-- replace-outbound-policy.xml
| | | |-- restrict-content-type-policy.xml
| | | |-- restrict-extension-policy.xml
| | | |-- restrict-method-policy.xml
| | | |-- restrict-source-ip-policy.xml
| | | |-- restrict-user-agent-policy.xml
| | | `-- virtual-patch-policy.xml
| | `-- waf-policy.xsd
| `-- properties
| |-- ESAPI_en_US.properties
| |-- ESAPI_fr_FR.properties
| `-- ESAPI_zhs_CN.properties
|-- documentation
| |-- <two dozen plus files related to ESAPI documentation>
|-- resources
| |-- owasp-esapi-dev.jks
| `-- settings.xml
|-- src
| |-- examples
| | |-- README
| | |-- java
| | | |-- DisplayEncryptedProperties.java
| | | |-- ESAPILogging.java
| | | `-- PersistedEncryptedData.java
| | `-- scripts
| | |-- compile.sh
| | |-- encryptProperties.sh
| | |-- encrypted.properties
| | |-- findjar.sh
| | |-- persistEncryptedData.sh
| | |-- runClass.sh
| | |-- setMasterKey.sh
| | |-- setenv-svn.sh
| | `-- setenv-zip.sh
| |-- main
| | |-- assembly
| | | `-- dist.xml
| | |-- java
| | | |-- META-INF
| | | | `-- MANIFEST.MF
| | | `-- org
| | | `-- owasp
| | | `-- esapi
| | | |-- <2 dozen *.java files, mostly interfaces>
| | | |-- codecs
| | | | |-- <various Java classes for codecs>
| | | |-- configuration
| | | | |-- <classes for ESAPI configuration>
| | | | `-- consts
| | | | |-- <constants used for ESAPI configuration>
| | | |-- crypto
| | | | |-- <utility classes implementing ESAPI crypto>
| | | |-- errors
| | | | |-- <various ESAPI exception classes>
| | | |-- filters
| | | | |-- <various ESAPI JavaEE servlet filters>
| | | |-- logging
| | | | |-- <classes and sub-directories related to logging>
| | | |-- reference
| | | | |-- <ESAPI reference implemenation of interfaces>
| | | |-- tags
| | | | |-- <classes implementing ESAPI encoder tag lib>
| | | |-- util
| | | | |-- <General miscellaneous utility classes>
| | | `-- waf
| | | |-- <classes related to ESAPI WAF>
| | `-- resources
| | |-- ESAPI-properties.xsd
| | `-- META-INF
| | `-- esapi.tld
| |-- test
| | |-- java
| | |-- <All the JUNit tests for ESAPI>
| | `-- resources
| | |-- <various resource files used by JUnit tests>
| `-- util
| |-- README.txt
| `-- esapi-release.sh
`-- target
|-- <stuff generated by various maven goals>
The ESAPI-2.0 directory contains the JAR file. The configuration directory contains the ESAPI configuration and localization files. The 'configuration' directory contains the ESAPI configuration files. The properties directory contains the ESAPI localization files. The documentation directory contains the documentation. The libs directory contains libraries that ESAPI relies upon to work. The project directory contains sample code.