This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "ESAPI Swingset"
(Release of Swingset 05b) |
(Update to 05b2) |
||
Line 7: | Line 7: | ||
'''Downloads | '''Downloads | ||
− | Note: Version | + | Note: Version 05b2 require SSL for the login demo page. Instructions are included in the version of 05b2 bundled with Tomcat. If you do not know how/do not want to set up SSL on your own, it is recommended that you download the ESAPI Swingset 05b2 bundled with Apache Tomcat below. In the root directory of the .zip file, there is a README with very simple instructions for setting up SSL for this application. A .keystore file is provided, so user's will not have to generate their own keys. |
Be aware, in some browsers, navigating to the login page will provide a warning that the digital signature provided may not be legitimate. The certificate provided is self-signed for demonstration purposes. The warning can safely be ignored for this page. More detailed information will follow in the coming weeks.''' | Be aware, in some browsers, navigating to the login page will provide a warning that the digital signature provided may not be legitimate. The certificate provided is self-signed for demonstration purposes. The warning can safely be ignored for this page. More detailed information will follow in the coming weeks.''' | ||
===ESAPI Swingset/Apache Tomcat Bundle=== | ===ESAPI Swingset/Apache Tomcat Bundle=== | ||
− | *[http://owasp-esapi-java-swingset.googlecode.com/files/ | + | *[http://owasp-esapi-java-swingset.googlecode.com/files/Swingset_with_tomcat_05b2.zip ESAPI Swingset 05b2 bundled with Apache Tomcat] |
Added: July 6, 2009 | Added: July 6, 2009 | ||
Line 25: | Line 25: | ||
===ESAPI Swingset Source Code=== | ===ESAPI Swingset Source Code=== | ||
− | *[http://owasp-esapi-java-swingset.googlecode.com/files/ | + | *[http://owasp-esapi-java-swingset.googlecode.com/files/ESAPI_Swingset_05b2.zip ESAPI Swingset 05b2 Source Code] |
Added: July 6, 2009 | Added: July 6, 2009 | ||
Line 34: | Line 34: | ||
===ESAPI Swingset WAR file=== | ===ESAPI Swingset WAR file=== | ||
− | *[http://owasp-esapi-java-swingset.googlecode.com/files/ | + | *[http://owasp-esapi-java-swingset.googlecode.com/files/ESAPI_Swingset_05b2.war ESAPI Swingset 05b2 WAR file] |
Added: July 6, 2009 | Added: July 6, 2009 | ||
Revision as of 16:03, 17 July 2009
The ESAPI Swingset is a web application which demonstrates the many uses of the Enterprise Security API (ESAPI).
Swingset is now in beta stage. Much of Swingset is still incomplete, but many ESAPI functions are working.
Download/Run
This Swingset/Apache Tomcat bundle contains everything you need to get Swingset up and running in a matter of minutes. No installation is necessary (assuming you have a Java JRE or JDK installed), just edit one line of a batch file or shell script and you're ready to go!
Downloads
Note: Version 05b2 require SSL for the login demo page. Instructions are included in the version of 05b2 bundled with Tomcat. If you do not know how/do not want to set up SSL on your own, it is recommended that you download the ESAPI Swingset 05b2 bundled with Apache Tomcat below. In the root directory of the .zip file, there is a README with very simple instructions for setting up SSL for this application. A .keystore file is provided, so user's will not have to generate their own keys.
Be aware, in some browsers, navigating to the login page will provide a warning that the digital signature provided may not be legitimate. The certificate provided is self-signed for demonstration purposes. The warning can safely be ignored for this page. More detailed information will follow in the coming weeks.
ESAPI Swingset/Apache Tomcat Bundle
Added: July 6, 2009
What is included in this download?
This download includes:
- Apache Tomcat version 6.0.18
- ESAPI Swingset application
- Batch file for easy loading of Apache Tomcat in Windows
- Readme file with easy setup instructions
- Everything you need to try Swingset
ESAPI Swingset Source Code
Added: July 6, 2009
What is included in this download?
This download includes:
- All ESAPI Swingset source files
ESAPI Swingset WAR file
Added: July 6, 2009
What is included in this download?
This download includes:
- The ESAPI Swingset WAR file -- just drop it in your Apache Tomcat Webapps directory and you're ready to go
Note: the Secure Login page requires SSL be configured on your web server!
Download the JRE or JDK
If it is not already installed, please download a Java JRE or JDK version 5 or later. Please note that, Tomcat 5.5 and above uses the Eclipse JDT Java compiler for compiling JSP pages. This means you no longer need to have the complete Java Development Kit (JDK) to run Tomcat, but a Java Runtime Environment (JRE) is sufficient.
Setup and Run Swingset
Setup Swingset for Windows
- Extract ESAPI_Swingset.zip to a directory of your choice.
- Open Windows Explorer and Navigate to the directory to which ESAPI_Swingset.zip was extracted
- Open Tomcat_6.0.18_start.bat with notepad
- Set either of the two, JRE_HOME or JAVA_HOME enviornment variable for Tomcat to run.
- Save the file
- To set JAVA_HOME environment variable. You need to change the line "set JAVA_HOME=jdk_directory" to your Java install directory, where "jdk_directory" is the root of your Java directory. For many, the line will look like: "set JAVA_HOME=C:\Program Files\Java\jdk1.6.0_10". Please remember that Swingset requires JDK/JRE version 5 or higher.
- To set JRE_HOME change the "JRE_HOME=C:\Program Files\Java\jre1.6.0_10" so that it points to your JRE installation directory
Running Swingset on Windows
- Navigate to the ESAPI_Swingset directory
- Execute Tomcat_6.0.18_start.bat. This can be done through the command line or by double clicking the file.
- If you followed the installation instructions in this wiki, Tomcat should now be running
- Open a web browser and navigate to http://localhost:8080/main
- You should see the ESAPI Swingset start page
How Can I help with Swingset
The ESAPI Swingset is still in an early beta stage. Many pages within Swingset are still incomplete, and we could certainly use some help getting them finished. If you are interested in helping, please check out Swingset's SVN repository.
If you have any ideas for how the ESAPI Swingset could be better, or if you would like to submit new code, please contact Jeff Williams.