This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "GPC Project Details/OWASP Enterprise Security API"

From OWASP
Jump to: navigation, search
m (Added Jeremiah Stacey as a contributor.)
 
(3 intermediate revisions by 3 users not shown)
Line 8: Line 8:
  
 
* '''There are optionally your own implementations for each security control.''' There may be application logic contained in these classes which may be developed by or for your organization. An example: enterprise authentication.
 
* '''There are optionally your own implementations for each security control.''' There may be application logic contained in these classes which may be developed by or for your organization. An example: enterprise authentication.
| project_license = [http://en.wikipedia.org/wiki/BSD_license BSD license]
+
| project_license =BSD license
| leader_name = Jeff Williams
+
| leader_name =Kevin W. Wall and Matt Seil
| leader_email = jeff.williams@owasp.org
+
| leader_email =kevin.w.wall@gmail.com
| leader_username = Jeff_Williams
+
| past_leaders_special_contributions =Jeff Williams, Dave Wichers, Chris Schmidt, Jim Manico
| past_leaders_special_contributions =  
+
| maintainer_name =
| maintainer_name = Jim Manico
+
| maintainer_email =
| maintainer_email = [email protected]
+
| maintainer_username =
| maintainer_username =jmanico
+
| contributor_name1 = Jeremiah J. Stacey
| contributor_name1 = Chris Schmidt
+
| contributor_email1 =
| contributor_email1 =  
+
| contributor_username1 =
| contributor_username1 =  
+
| contributor_name2 = Chris Schmidt
| contributor_name2 = Kevin Wall
+
| contributor_email2 = [email protected]
| contributor_email2 =  
+
| contributor_username2 = Chris_Schmidt
| contributor_username2 =  
+
| contributor_name3 =
| contributor_name3 =  
+
| contributor_email3 =
| contributor_email3 =  
+
| contributor_username3 =
| contributor_username3 =  
+
| contributor_name4 =Jeff Williams
| contributor_name4 =  
+
| contributor_email4 =
| contributor_email4 =  
+
| contributor_username4 =
| contributor_username4 =  
+
| contributor_name5 =Dave Wichers
| contributor_name5 =  
+
| contributor_email5 =
| contributor_email5 =  
+
| contributor_username5 =
| contributor_username5 =  
+
| contributor_name6 =John Steven
| contributor_name6 =  
+
| contributor_email6 =
| contributor_email6 =  
 
 
| contributor_username6 =  
 
| contributor_username6 =  
| contributor_name7 =  
+
 
| contributor_email7 =  
+
| contributor_name7 =
| contributor_username7 =  
+
| contributor_email7 =
| contributor_name8 =  
+
| contributor_username7 =
| contributor_email8 =  
+
| contributor_name8 =
| contributor_username8 =  
+
| contributor_email8 =
| contributor_name9 =  
+
| contributor_username8 =
| contributor_email9 =  
+
| contributor_name9 =
| contributor_username9 =  
+
| contributor_email9 =
| contributor_name10 =  
+
| contributor_username9 =
| contributor_email10 =  
+
| contributor_name10 =
| contributor_username10 =
+
| contributor_email10 =
 +
| contributor_username10 =
 +
|
 
| pamphlet_link = http://www.owasp.org/images/8/81/Esapi-datasheet.pdf
 
| pamphlet_link = http://www.owasp.org/images/8/81/Esapi-datasheet.pdf
 
| presentation_link = http://owasp-esapi-java.googlecode.com/files/OWASP%20ESAPI.ppt
 
| presentation_link = http://owasp-esapi-java.googlecode.com/files/OWASP%20ESAPI.ppt

Latest revision as of 03:11, 29 May 2019

PROJECT INFO
What does this OWASP project offer you?
what is this project?
OWASP Enterprise Security API

Purpose: ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications. The ESAPI libraries are designed to make it easier for programmers to retrofit security into existing applications. The ESAPI libraries also serve as a solid foundation for new development. Allowing for language-specific differences, all OWASP ESAPI versions have the same basic design:

  • There is a set of security control interfaces. They define for example types of parameters that are passed to types of security controls.
  • There is a reference implementation for each security control. The logic is not organization‐specific and the logic is not application‐specific. An example: string‐based input validation.
  • There are optionally your own implementations for each security control. There may be application logic contained in these classes which may be developed by or for your organization. An example: enterprise authentication.

License: BSD license

who is working on this project?
Project Leader: Kevin W. Wall and Matt Seil @

Project Maintainer:

Project Contributor(s):

  • Jeremiah J. Stacey
  • Chris Schmidt @
  • Jeff Williams
  • Dave Wichers
  • John Steven
how can you learn more?
Project Pamphlet: View

3x slide Project Presentation: View

Mailing list: Subscribe or read the archives

Project Roadmap: N/A

Main links:

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact Kevin W. Wall and Matt Seil @ to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.