Maven Java EE项目中的OWASP ESAPI simpleTest [英] OWASP ESAPI simpleTest in a Maven Java EE project
本文介绍了Maven Java EE项目中的OWASP ESAPI simpleTest的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个小小的JavaEE项目,我必须使用OWASP ESAPI保护它
i have a litte JavaEE project, and i have to secure it with the OWASP ESAPI
我在Maven中集成了这样的ESAPI:
i integrated the ESAPI like this in Maven:
<!-- ESAPI Version 2.0.1 -->
<dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
<version>2.0.1</version>
</dependency>
所以在此之后我可以使用ESAPI课程进行编程。
So after this i can use the ESAPI classes for programming.
我还在服务器启动中包含 .esapi 文件夹:
i also included the .esapi folder in the server start:
-Dorg.owasp.esapi.resources=/home/joergi/.esapi/
我还将 ESAPI.properties 和 validation.properties 复制到
src/main/resources
(I我不确定它是否有效,但启动服务器时没有错误。
(I'm not sure if it works, but i get no error while starting the server)
我看了 ESAPI安装指南(pdf)(记录真的很糟糕)并复制了示例
I looked at the ESAPI install guide (pdf) (really bad documented) and copied the example
要测试ESAPI是否已成功集成和配置,
创建一个名为EsapiIntegrationTest.java的文件并粘贴:
"To test if ESAPI has been successfully integrated and configured, create a file called EsapiIntegrationTest.java and paste in:"
import org.owasp.esapi.ESAPI;
public class EsapiTest {
public static void main(String[] args){
System.out.println("ESAPI.accessController found: "
+ ESAPI.accessController());
}
}
如果可以运行此文件并查看println输出,然后ESAPI已成功安装和配置
!您现在可以开始使用
ESAPI功能来保护您的Web应用程序!
"If you can run this file and see the println output, then ESAPI has been successfully installed and configured! You can now begin using ESAPI functionality to secure your web applications!"
我为我的例子翻译了它:
I "translated" it for my example:
@ManagedBean(name="testController")
@RequestScoped
public class TestController {
public String esapiTest(){
System.out.println("ESAPI.accessController found: "
+ ESAPI.accessController());
return "ESAPI.accessController found: " + ESAPI.accessController();
}
}
我有一个文件 test.xhtml :
<?xml version="1.0" encoding="UTF-8"?>
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
template="/WEB-INF/templates/default.xhtml">
<ui:define name="content">
<h2>esapi test</h2>
<h:outputText value="#{testController.esapiTest()}" />
</ui:define>
</ui:composition>
输入 test.xhtml 我得到这个真的很长的错误(对于很少见的人,你也可以在 pastebin 中看到它)
when entering the test.xhtml i get this really long error (for a nicer few you can see it also in pastebin)
03:32:00,521 Schwerwiegend [javax.enterprise.resource.webcontainer.jsf.application] (http--127.0.0.1-8080-2) Error Rendering View[/pages/test/test.xhtml]: javax.el.ELException: /pages/test/test.xhtml @10,58 value="#{testController.esapiTest()}": org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException AccessController class (org.owasp.esapi.reference.DefaultAccessController) CTOR threw exception.
at com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:114) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:194) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:182) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.UIOutput.getValue(UIOutput.java:169) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at com.sun.faces.renderkit.html_basic.HtmlBasicInputRenderer.getValue(HtmlBasicInputRenderer.java:205) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.getCurrentValue(HtmlBasicRenderer.java:355) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeEnd(HtmlBasicRenderer.java:164) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:875) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1764) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1760) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1760) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:402) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:131) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:288) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:121) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:139) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:594) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.10.Final.jar:]
at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.StandardContextValve.__invoke(StandardContextValve.java:161) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java) [jbossweb-7.0.10.Final.jar:]
at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:154) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.10.Final.jar:]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.10.Final.jar:]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.10.Final.jar:]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.10.Final.jar:]
at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_03]
Caused by: org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException AccessController class (org.owasp.esapi.reference.DefaultAccessController) CTOR threw exception.
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:129) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.ESAPI.accessController(ESAPI.java:85) [esapi-2.0.1.jar:2.0.1]
at de.liedl.bachelor.controller.TestController.esapiTest(TestController.java:45) [classe:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_03]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_03]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_03]
at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_03]
at javax.el.BeanELResolver.invokeMethod(BeanELResolver.java:735) [jboss-el-api_2.2_spec-1.0.0.Final.jar:1.0.0.Final]
at javax.el.BeanELResolver.invoke(BeanELResolver.java:467) [jboss-el-api_2.2_spec-1.0.0.Final.jar:1.0.0.Final]
at javax.el.CompositeELResolver.invoke(CompositeELResolver.java:246) [jboss-el-api_2.2_spec-1.0.0.Final.jar:1.0.0.Final]
at org.apache.el.parser.AstValue.getValue(AstValue.java:159) [jbossweb-7.0.10.Final.jar:]
at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:189) [jbossweb-7.0.10.Final.jar:]
at org.jboss.weld.el.WeldValueExpression.getValue(WeldValueExpression.java:50) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31]
at com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:109) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
... 35 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_03]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_03]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_03]
at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_03]
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:86) [esapi-2.0.1.jar:2.0.1]
... 48 more
Caused by: org.owasp.esapi.errors.ConfigurationException: java.lang.ClassNotFoundException: org.owasp.esapi.reference.Log4JLogFactory2 from [Module "deployment.bachelor_demo.war:main" from Service Module Loader] LogFactory class (org.owasp.esapi.reference.Log4JLogFactory2) must be in class path.
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:108) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.ESAPI.logFactory(ESAPI.java:137) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.ESAPI.getLogger(ESAPI.java:154) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.reference.DefaultAccessController.<init>(DefaultAccessController.java:29) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.reference.DefaultAccessController.getInstance(DefaultAccessController.java:22) [esapi-2.0.1.jar:2.0.1]
... 53 more
Caused by: java.lang.ClassNotFoundException: org.owasp.esapi.reference.Log4JLogFactory2 from [Module "deployment.bachelor_demo.war:main" from Service Module Loader]
at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:190)
at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:468)
at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:456)
at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)
at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:120)
at java.lang.Class.forName0(Native Method) [rt.jar:1.7.0_03]
at java.lang.Class.forName(Class.java:186) [rt.jar:1.7.0_03]
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:74) [esapi-2.0.1.jar:2.0.1]
... 57 more
03:32:00,574 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/bachelor_demo].[FacesServlet]] (http--127.0.0.1-8080-2) Servlet.service() for servlet FacesServlet threw exception: java.lang.ClassNotFoundException: org.owasp.esapi.reference.Log4JLogFactory2 from [Module "deployment.bachelor_demo.war:main" from Service Module Loader]
at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:190)
at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:468)
at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:456)
at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398)
at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:120)
at java.lang.Class.forName0(Native Method) [rt.jar:1.7.0_03]
at java.lang.Class.forName(Class.java:186) [rt.jar:1.7.0_03]
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:74) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.ESAPI.logFactory(ESAPI.java:137) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.ESAPI.getLogger(ESAPI.java:154) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.reference.DefaultAccessController.<init>(DefaultAccessController.java:29) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.reference.DefaultAccessController.getInstance(DefaultAccessController.java:22) [esapi-2.0.1.jar:2.0.1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_03]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_03]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_03]
at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_03]
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:86) [esapi-2.0.1.jar:2.0.1]
at org.owasp.esapi.ESAPI.accessController(ESAPI.java:85) [esapi-2.0.1.jar:2.0.1]
at de.liedl.bachelor.controller.TestController.esapiTest(TestController.java:45) [classe:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_03]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_03]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_03]
at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_03]
at javax.el.BeanELResolver.invokeMethod(BeanELResolver.java:735) [jboss-el-api_2.2_spec-1.0.0.Final.jar:1.0.0.Final]
at javax.el.BeanELResolver.invoke(BeanELResolver.java:467) [jboss-el-api_2.2_spec-1.0.0.Final.jar:1.0.0.Final]
at javax.el.CompositeELResolver.invoke(CompositeELResolver.java:246) [jboss-el-api_2.2_spec-1.0.0.Final.jar:1.0.0.Final]
at org.apache.el.parser.AstValue.getValue(AstValue.java:159) [jbossweb-7.0.10.Final.jar:]
at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:189) [jbossweb-7.0.10.Final.jar:]
at org.jboss.weld.el.WeldValueExpression.getValue(WeldValueExpression.java:50) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31]
at com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:109) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:194) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:182) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.UIOutput.getValue(UIOutput.java:169) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at com.sun.faces.renderkit.html_basic.HtmlBasicInputRenderer.getValue(HtmlBasicInputRenderer.java:205) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.getCurrentValue(HtmlBasicRenderer.java:355) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.renderkit.html_basic.HtmlBasicRenderer.encodeEnd(HtmlBasicRenderer.java:164) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:875) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1764) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1760) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1760) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:402) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:131) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:288) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:121) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:139) [jsf-impl-2.1.5-jbossorg-1.jar:2.1.5-SNAPSHOT]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:594) [jboss-jsf-api_2.1_spec-2.0.0.Final.jar:2.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.10.Final.jar:]
at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.StandardContextValve.__invoke(StandardContextValve.java:161) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java) [jbossweb-7.0.10.Final.jar:]
at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:154) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.10.Final.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.10.Final.jar:]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.10.Final.jar:]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.10.Final.jar:]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.10.Final.jar:]
at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_03]
我知道 ESAPI Swingset演示 - 这在我的配置中运行
i know the ESAPI Swingset Demo - and this is running in my configuration
我有两个问题:
是我的maven和我的服务器启动配置吗?
因为错误看起来ESAPI无法找到ESAPI记录器功能....
I have 2 questions:
is my maven and my server start configuration right?
because the error looks like the ESAPI can't find the ESAPI Logger functions....
和
甚至可以在我的设置中使用简单的测试代码片段吗?
And
Is it even possible to use the simple test code-snippet in my setup at all?
(ps也尝试了它没有maven,只是包括下载的jar - 但它没有工作)
(p.s. also tried to it without maven and just with including the downloaded jar - but its not working)
我想念的东西:
(这是来自swingset演示示例,不是来自我自己的项目)
I miss something like:
(this is from the swingset demo example, NOT from my own project)
Seeking ESAPI.properties
Not found in 'org.owasp.esapi.resources' directory or file not readable: /home/joergi/dev/projects/esapi_demo_1punkt0/ESAPI.properties
Not found in SystemResource Directory/resourceDirectory: .esapi/ESAPI.properties
Not found in SystemResource Directory/.esapi: .esapi/ESAPI.properties
Not found in SystemResource Directory: ESAPI.properties
Found in 'user.home' directory: /home/joergi/.esapi/ESAPI.properties
Loaded 'ESAPI.properties' properties file
Seeking validation.properties
Not found in 'org.owasp.esapi.resources' directory or file not readable: /home/joergi/dev/projects/esapi_demo_1punkt0/validation.properties
Not found in SystemResource Directory/resourceDirectory: .esapi/validation.properties
Not found in SystemResource Directory/.esapi: .esapi/validation.properties
Not found in SystemResource Directory: validation.properties
Found in 'user.home' directory: /home/joergi/.esapi/validation.properties
Loaded 'validation.properties' properties file
Seeking ESAPI_logging_file
Not found in 'org.owasp.esapi.resources' directory or file not readable: /home/joergi/dev/projects/esapi_demo_1punkt0/ESAPI_logging_file
Not found in SystemResource Directory/resourceDirectory: .esapi/ESAPI_logging_file
Not found in SystemResource Directory/.esapi: .esapi/ESAPI_logging_file
Not found in SystemResource Directory: ESAPI_logging_file
Found in 'user.home' directory: /home/joergi/.esapi/ESAPI_logging_file
希望有人可以提供帮助!
Hopefully somebody can help!
推荐答案
你有多个版本的Log4J库一世在您的类路径中,可能是由于您的应用程序正在使用另一个库的下游依赖项。检查您的依赖关系树以找出重复库的加载位置并将其排除在您的pom.xml中
You have multiple versions of the Log4J library in your classpath, likely as a result of a downstream dependency from another library being used by your application. Examine your dependency tree to figure out where the duplicate library is being loaded and exclude it in your pom.xml
mvn dependency:tree
这将显示应用程序的依赖关系树。
This will show you the dependency tree for your application.
<exclusion>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
将此排除项添加到pom.xml中的罪魁祸首依赖项中,所有这些都应该适用于全世界。
Add this exclusion to the culprit dependency in your pom.xml and all should be right with the world.
这篇关于Maven Java EE项目中的OWASP ESAPI simpleTest的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
