I have build a ESAPITestValidator class as follows :
public class ESAPITestValidator {
Validator instance = ESAPI.validator();
ValidationErrorList errors = new ValidationErrorList();
File parent = null;
String path = new String("");
boolean status = false;
public boolean testGetValidDirectoryPath(String inputPath,String context)
{
try
{
parent = new File(inputPath).getParentFile().getCanonicalFile();
//String parent = ESAPI.securityConfiguration().getResourceFile("ESAPI.properties").getParentFile().getCanonicalPath();
path = instance.getValidDirectoryPath(context, inputPath, parent, true, errors);
status = true;
return status;
}catch(Exception exception)
{
exception.printStackTrace();
status= false;
}
return status;
}
}
Now I am Trying to invoke the testGetValidDirectoryPath() from a main class as follows :
public class HelloWorld {
public static void main(String[] args) {
ESAPITestValidator obj = new ESAPITestValidator();
if ( obj.testGetValidDirectoryPath("C:\\Users\\1730176\\Downloads","C:\\Users") )
System.out.println("Success");
else
System.out.println("Failure");
}
}
I have also Uploaded the ESAPI.properties and Validation.properties in the same Source folder as the main and validator class. But I am getting the following exception :
System property [org.owasp.esapi.opsteam] is not set
System property [org.owasp.esapi.devteam] is not set
Attempting to load ESAPI.properties via file I/O.
Attempting to load ESAPI.properties as resource file via file I/O.
Not found in 'org.owasp.esapi.resources' directory or file not readable:
D:\Arindam_Workspace\ESAPI_Workspace\ESAPIProofOfConcept\ESAPI.properties
Not found in SystemResource Directory/resourceDirectory:
.esapi\ESAPI.properties
Found in 'user.home' directory: C:\Users\1730176\esapi\ESAPI.properties
Loaded 'ESAPI.properties' properties file
SecurityConfiguration for Validator.ConfigurationFile.MultiValued not found
in ESAPI.properties. Using default: false
Attempting to load validation.properties via file I/O.
Attempting to load validation.properties as resource file via file I/O.
Not found in 'org.owasp.esapi.resources' directory or file not readable:
D:\Arindam_Workspace\ESAPI_Workspace\ESAPIProofOfConcept\
validation.properties
Not found in SystemResource Directory/resourceDirectory:
.esapi\validation.properties
Found in 'user.home' directory: C:\Users\1730176\esapi\validation.properties
Loaded 'validation.properties' properties file
Exception in thread "main" java.lang.NoClassDefFoundError:
javax/servlet/http/HttpServletRequest
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Class.java:2427)
at java.lang.Class.getMethod0(Class.java:2670)
at java.lang.Class.getMethod(Class.java:1603)
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:77)
at org.owasp.esapi.ESAPI.validator(ESAPI.java:191)
at main.utility.ESAPITestValidator.<init>(ESAPITestValidator.java:20)
at main.core.HelloWorld.main(HelloWorld.java:16)
Caused by: java.lang.ClassNotFoundException:
javax.servlet.http.HttpServletRequest
at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
... 8 more
Can anyone sujjest What I have done worng or am I missing something ?
The JVM is looking for the javax/servlet/http/HttpServletRequest class, and you haven't loaded it into the classpath. You will need to include an implementation of the java servlet API on the classpath. Keep in mind that ESAPI is a web-based library and you will probably have an easier time testing if you clone the actual esapi-java-legacy project and work with the unit tests there.