This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "ESAPI Specification"
From OWASP
(Created page with "== AccessController == === <Key,Context> void assertAuthorized(Key key, Context context) === === <Key,Context> boolean isAuthorized(Key key, Context context) === == AccessRefe...") |
|||
Line 1: | Line 1: | ||
== AccessController == | == AccessController == | ||
+ | |||
+ | === Changes from ESAPI 2.0 === | ||
+ | * Removed deprecated methods | ||
+ | * Added Generic Stereotypes to the Key and Context parameters) | ||
=== <Key,Context> void assertAuthorized(Key key, Context context) === | === <Key,Context> void assertAuthorized(Key key, Context context) === | ||
Line 84: | Line 88: | ||
=== void addException(Throwable exception) === | === void addException(Throwable exception) === | ||
+ | |||
+ | == LogFactory == | ||
+ | Still thinking this one through | ||
+ | |||
+ | == Logger == | ||
+ | Still thinking this one through | ||
== Randomizer == | == Randomizer == |
Revision as of 05:22, 16 June 2011
- 1 AccessController
- 2 AccessReferenceMap<Key>
- 3 Authenticator
- 4 Codec
- 5 Encoder
- 6 Encryptor
- 6.1 PlainText decrypt(CipherText cipherText, SecretKey secretKey) throws EncryptionException
- 6.2 CipherText encrypt(PlainText plainText, SecretKey secretKey) throws EncryptionException
- 6.3 MessageDigest hash(PlainText plainText, Salt salt, Integer iterations) throws EncryptionException
- 6.4 String seal(String data, Long timestamp) throws EncryptionException
- 6.5 String sign(String data) throws EncryptionException
- 6.6 String unseal(String sealedData) throws EncryptionException
- 6.7 void verifySeal(String sealedData) throws DataIntegrityException
- 6.8 void verifySignature(String signature, String data) throws InvalidSignatureException
- 7 Executor
- 8 ExecutorResult
- 9 ExecutorTarget
- 10 IntrusionDetector
- 11 LogFactory
- 12 Logger
- 13 Randomizer
- 13.1 Boolean getRandomBoolean()
- 13.2 Byte[] getRandomBytes(Integer len)
- 13.3 String getRandomFilename(String extension)
- 13.4 String getRandomUUID()
- 13.5 Integer getRandomInteger(Integer min, Integer max)
- 13.6 Long getRandomLong(Long min, Long max)
- 13.7 Float getRandomReal(Float min, Float max)
- 13.8 String getRandomString(Integer len, char[] charSet)
- 14 Resource
- 15 User
- 15.1 <Type> Type getAccountID()
- 15.2 String getAccountName()
- 15.3 Long getExpirationTime()
- 15.4 Integer getFailedLoginCount()
- 15.5 Long getLastFailedLoginTime()
- 15.6 String getLastHostAddress()
- 15.7 Long getLastLoginTime()
- 15.8 Long getLastPasswordChangeTime()
- 15.9 String getLocale()
- 15.10 Set<String> getRoles()
- 15.11 String getScreenName()
- 15.12 Boolean isAnonymous()
- 15.13 Boolean isEnabled()
- 15.14 Boolean isExpired()
- 15.15 Boolean isInRole(String role)
- 15.16 Boolean isLocked()
- 15.17 Boolean isLoggedIn()
- 16 Validator
AccessController
Changes from ESAPI 2.0
- Removed deprecated methods
- Added Generic Stereotypes to the Key and Context parameters)
<Key,Context> void assertAuthorized(Key key, Context context)
<Key,Context> boolean isAuthorized(Key key, Context context)
AccessReferenceMap<Key>
<Type> Key addDirectReference(Type direct)
<Type> Type getDirectReference(Key key)
<Type> Key getIndirectReference(Type directReference)
<Type> Key removeDirectReference(Type directReference)
<Type> void update(Set<Type> directReferences)
Authenticator
User login() throws AuthenticationException
void logout() throws AuthenticationException
Codec
String encode(char c)
String decode(String s)
Encoder
String encode(String s)
String decode(String s)
void addCodec(Codec c)
Set<Codec> getCodecs()
void setCodecs(Set<Codec> codecs)
Encryptor
PlainText decrypt(CipherText cipherText, SecretKey secretKey) throws EncryptionException
CipherText encrypt(PlainText plainText, SecretKey secretKey) throws EncryptionException
MessageDigest hash(PlainText plainText, Salt salt, Integer iterations) throws EncryptionException
String seal(String data, Long timestamp) throws EncryptionException
String sign(String data) throws EncryptionException
String unseal(String sealedData) throws EncryptionException
void verifySeal(String sealedData) throws DataIntegrityException
void verifySignature(String signature, String data) throws InvalidSignatureException
Executor
ExecutorResult executeSystemCommand(ExecutorTarget target, Encoder encoder) throws ExecutionException
ExecutorResult
String getErrorOutput()
String getStandardOutput()
Integer getExitValue()
ExecutorTarget
Resource getExecutable()
Resource getWorkingDirectory()
OrderedMap<String,String> getParameters()
IntrusionDetector
void addEvent(String eventName, String message)
void addException(Throwable exception)
LogFactory
Still thinking this one through
Logger
Still thinking this one through