easpi .properties and validation properties are present but still it is throwing error and the application is failing do you have any solution for this

ESAPI / esapi-java-legacy

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.

https://owasp.org/www-project-enterprise-security-api/

Other

598 stars 363 forks source link

easpi .properties and validation properties are present but still it is throwing error and the application is failing do you have any solution for this #832

Closed sh26masood closed 4 months ago

sh26masood commented 4 months ago

          Yeah, you can get rid of those messages by running it as:

java -Dorg.owasp.esapi.logSpecial.discard=true ...

So, this is not a bug, but a feature. See https://javadoc.io/doc/org.owasp.esapi/esapi/latest/org/owasp/esapi/reference/DefaultSecurityConfiguration.html for details of how ESAPI searches for the ESAPI.properties file.

Originally posted by @kwwall in https://github.com/ESAPI/esapi-java-legacy/issues/653#issuecomment-1016995464

xeno6696 commented 4 months ago

If you provide a git repo link to a demo application that reproduces your error, we can attempt to help you, but this issue is always a local environment issue and without direct access, we can't help you much.

Often this is some sort of a classpath issue where the properties file isn't pulled into the JVM's execution environment. That's as specific as I can get with the provided information. Maybe try writing some code to see if your JVM can even access the file. Maybe you don't have read permissions?

xeno6696 commented 4 months ago

Closing as this isn't a bug.

kwwall commented 4 months ago

See https://github.com/ESAPI/esapi-java-legacy/issues/831#issuecomment-1961515828 for additional details related to this.