mway08 / owasp-esapi-java

Automatically exported from code.google.com/p/owasp-esapi-java

Missing property notifications #31

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
Run ESAPI without the necessary properties set in ESAPI.properties:
1. Install JCE (Java Cryptography Extension)
2. Comment out property 'Encryptor.MasterKey'
3. Invoke ESAPI.encryptor().encrypt(regularString);

What is the expected output? What do you see instead?

I see:
looong stacktrace, including these lines:
WARNING: [Anonymous:null@unknown -> /DefaultName/IntrusionDetector] Must
install unlimited strength crypto extension from Sun
org.owasp.esapi.errors.EncryptionException: Encryption failure

What version of the product are you using? On what operating system?
Using trunk on Ubuntu 9.04

Please provide any additional information below.
I believed that my problems were rooted in not being able to install JCE
properly; this was wrong; the problem was missing properties and poor error
handling in DefaultSecurityConfiguration. 
- DefaultSecurityConfiguration: report missing properties
- Improve logging in JavaEncryption (and generally)

Original issue reported on code.google.com by mikael....@gmail.com on 3 Sep 2009 at 9:23

GoogleCodeExporter commented 9 years ago
I believe this issue has been resolved. Kevin, can you verify?

Original comment by chrisisbeef on 2 Dec 2009 at 7:25

GoogleCodeExporter commented 9 years ago
This was fixed in ESAPI-2.0rc3 release.

Using ESAPI with Encryptor.MasterKey or Encryptor.MasterSalt
being either missing or empty in the ESAPI.properties file now
results in a ConfigurationException being thrown.

Furthermore, the ESAPI.properties file is now shipped this way by
default to force developers to generate their own master key and salt
by executing JavaEncryptor.main(). The exact instructions on how to
do this are in the ESAPI.properties file.

Depending on how you are using ESAPI, this may or may not be logged.

Original comment by kevin.w.wall@gmail.com on 3 Dec 2009 at 1:11
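
The behaviour discussed in this thread (naming the missing property at startup instead of surfacing a generic encryption failure later) can be sketched as follows. This is an added example, not ESAPI's own code: the class RequiredPropertyCheck, the exception MissingConfigException and the sample properties text are hypothetical; only the two property names come from the thread.

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;

public class RequiredPropertyCheck {
    // Property names taken from the issue thread.
    static final String[] REQUIRED = { "Encryptor.MasterKey", "Encryptor.MasterSalt" };

    /** Hypothetical stand-in for a configuration exception; not ESAPI's class. */
    static class MissingConfigException extends RuntimeException {
        MissingConfigException(String msg) { super(msg); }
    }

    /** Returns the names of required properties that are absent or blank. */
    static List<String> findMissing(Properties props) {
        List<String> missing = new ArrayList<>();
        for (String name : REQUIRED) {
            String value = props.getProperty(name);
            if (value == null || value.trim().isEmpty()) {
                missing.add(name);
            }
        }
        return missing;
    }

    /** Fails fast, naming the properties but never echoing their values. */
    static void validate(Properties props) {
        List<String> missing = findMissing(props);
        if (!missing.isEmpty()) {
            throw new MissingConfigException(
                "Required properties missing or empty: " + String.join(", ", missing));
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: key commented out, salt present but empty.
        String sample = "#Encryptor.MasterKey=\nEncryptor.MasterSalt=\nExample.Other=1\n";
        Properties props = new Properties();
        props.load(new StringReader(sample));
        try {
            validate(props);
        } catch (MissingConfigException e) {
            // Prints both property names, so the cause is visible without a stack trace.
            System.out.println(e.getMessage());
        }
    }
}
```

Running the check before any encryptor is constructed separates a configuration error from a JCE installation problem, which is the confusion described in the original report.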