This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information: OWASP Enterprise Security API Project"

From OWASP
Jump to: navigation, search
 
(10 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 +
[[Category:OWASP_Enterprise_Security_API]]
 
----
 
----
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
Line 8: Line 9:
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | colspan="7" style="width:85%; background:#cccccc" align="left"|
 
  | colspan="7" style="width:85%; background:#cccccc" align="left"|
'''What ESAPI is?''' The ESAPI is a free and open collection of all the security methods that a developer needs to build a secure web application. You can just use the interfaces and build your own implementation using your company's infrastructure. Or, you can use the reference implementation as a starting point. In concept, the API is language independent. However, the first deliverables from the project are a Java API and a Java reference implementation.  Efforts to build ESAPI in .NET and PHP are already underway.
+
Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The '''OWASP Enterprise Security API (ESAPI) Toolkits''' help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms:
 +
* '''Java EE''' - This version of the ESAPI Toolkit is currently available.
 +
* '''.NET''' - This version of the ESAPI Toolkit is currently under development.
 +
* '''PHP''' - This version of the ESAPI Toolkit is currently under development.
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|
 
  | style="width:15%; background:#7B8ABD" align="center"|
Line 21: Line 25:
 
License<br>[http://en.wikipedia.org/wiki/BSD_license '''BSD license''']
 
License<br>[http://en.wikipedia.org/wiki/BSD_license '''BSD license''']
 
  | style="width:14%; background:#cccccc" align="center"|
 
  | style="width:14%; background:#cccccc" align="center"|
Project Type<br>[[:Category:OWASP_Project#Beta_Status_Projects|'''Tool''']]
+
Project Type<br>[[:Category:OWASP_Project#Release Quality Projects|'''Tool''']]
  | style="width:15%; background:#000000" align="center"|
+
  | style="width:15%; background:#cccccc" align="center"|
Sponsors<br>[http://www.aspectsecurity.com/ https://www.owasp.org/images/d/d1/Aspect_logo.gif]
+
Sponsors<br><div style="background:#ffffff">[http://www.aspectsecurity.com/ https://www.owasp.org/images/d/d1/Aspect_logo.gif]</div>
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"  
 
{| style="width:100%" border="0" align="center"  
Line 31: Line 35:
 
  |-
 
  |-
 
  | style="width:29%; background:#cccccc" align="center"|
 
  | style="width:29%; background:#cccccc" align="center"|
Provisory '''[[:Category:OWASP Project Assessment#Beta Quality Tool Criteria|Beta Quality]]'''<br>(under review)<br>[[:OWASP Enterprise Security API Project - Assessment Frame|Please see here for complete information.]]
+
Provisory '''[[:Category:OWASP Project Assessment#Release Quality Tool Criteria|Release Quality]]'''<br>(Waiting for Second Reviewer's assessment)<br>[[:OWASP Enterprise Security API Project - Assessment Frame|Please see here for complete information.]]
  | style="width:42%; background:#cccccc" align="center"|
+
  | style="width:42%; background:#cccccc" align="left"|
[http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/OWASP%20ESAPI%20Overview.pptx ESAPI PowerPoint presentation]<br>[http://www.youtube.com/watch?v=QAPD1jPn04g ESAPI Video presentation]<br>ESAPI Demo application - [[ESAPI_Swingset|The ESAPI Swingset]]<br>JAVA 1.4 compatible JAR for ESAPI v1.4 - [http://owasp-esapi-java.googlecode.com/files/owasp-esapi-full-java-1.4.jar Complete] & [http://owasp-esapi-java.googlecode.com/files/owasp-esapi-basic-java-1.4.jar Basic] JAR files<br>[http://owasp-esapi-java.googlecode.com/files/owasp-esapi-java-src-1.4.zip Source files for ESAPI v1.4]<br>[http://code.google.com/p/owasp-esapi-java/ ESAPI Google Code repository]<br>[http://owasp-esapi-java.googlecode.com/svn/trunk_doc/index.html ESAPI Javadocs]<br>[https://www.owasp.org/index.php/ESAPI_Javadocs Javadocs' information generation]<br>[http://code.google.com/p/owasp-esapi-java/issues/list Problems with the ESAPI may be reported here]
+
* [http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API#OWASP_ESAPI_Documentation_Downloads About ESAPI and documentation downloads]
 +
* ESAPI Demo application - [[ESAPI_Swingset|The ESAPI Swingset]]<br>
 +
* JAVA 1.4 compatible JAR for ESAPI v1.4 - [http://owasp-esapi-java.googlecode.com/files/owasp-esapi-full-java-1.4.jar Complete] & [http://owasp-esapi-java.googlecode.com/files/owasp-esapi-basic-java-1.4.jar Basic] JAR files<br>
 +
* [http://owasp-esapi-java.googlecode.com/files/owasp-esapi-java-src-1.4.zip Source files for ESAPI v1.4]<br>
 +
* [http://code.google.com/p/owasp-esapi-java/ ESAPI Google Code repository]<br>
 +
* [http://owasp-esapi-java.googlecode.com/svn/trunk_doc/index.html ESAPI Javadocs]<br>
 +
* [https://www.owasp.org/index.php/ESAPI_Javadocs Javadocs' information generation]<br>
 +
* [http://code.google.com/p/owasp-esapi-java/issues/list Problems with the ESAPI may be reported here]
 
  | style="width:29%; background:#cccccc" align="center"|
 
  | style="width:29%; background:#cccccc" align="center"|
[[Top Ten|OWASP Top Ten]]
+
[http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten]<br>[http://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP ASVS Project]
 
  |}
 
  |}
 
----
 
----

Latest revision as of 01:34, 31 March 2009


PROJECT INFORMATION
Project Name OWASP Enterprise Security API (ESAPI) Project
Short Project Description

Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms:

  • Java EE - This version of the ESAPI Toolkit is currently available.
  • .NET - This version of the ESAPI Toolkit is currently under development.
  • PHP - This version of the ESAPI Toolkit is currently under development.

Key Project Information

Project Leader
Jeff Williams

Project Contibutors
If any, add here

Mailing List
Subscribe here
Use here

License
BSD license

Project Type
Tool

Sponsors
Aspect_logo.gif
Release Status Main Links Related Projects

Provisory Release Quality
(Waiting for Second Reviewer's assessment)
Please see here for complete information.

OWASP Top Ten
OWASP ASVS Project