A C D E F G H I J K L M N O P R S T U V W

A

ANONYMOUS - Static variable in interface org.owasp.esapi.interfaces.IUser

AccessControlException - exception org.owasp.esapi.errors.AccessControlException.

An AccessControlException should be thrown when a user attempts to access a resource that they are not authorized for.

AccessControlException(String, String) - Constructor for class org.owasp.esapi.errors.AccessControlException

Creates a new instance of EnterpriseSecurityException.

AccessControlException(String, String, Throwable) - Constructor for class org.owasp.esapi.errors.AccessControlException

Instantiates a new access control exception.

AccessController - class org.owasp.esapi.AccessController.

Reference implementation of the IAccessController interface.

AccessController() - Constructor for class org.owasp.esapi.AccessController

AccessReferenceMap - class org.owasp.esapi.AccessReferenceMap.

Reference implementation of the IAccessReferenceMap interface.

AccessReferenceMap() - Constructor for class org.owasp.esapi.AccessReferenceMap

This AccessReferenceMap implementation uses short random strings to create a layer of indirection.

AccessReferenceMap(Set) - Constructor for class org.owasp.esapi.AccessReferenceMap

Instantiates a new access reference map.

AuthenticationAccountsException - exception org.owasp.esapi.errors.AuthenticationAccountsException.

An AuthenticationException should be thrown when anything goes wrong during login or logout.

AuthenticationAccountsException(String, String) - Constructor for class org.owasp.esapi.errors.AuthenticationAccountsException

Creates a new instance of EnterpriseSecurityException.

AuthenticationAccountsException(String, String, Throwable) - Constructor for class org.owasp.esapi.errors.AuthenticationAccountsException

Instantiates a new authentication exception.

AuthenticationCredentialsException - exception org.owasp.esapi.errors.AuthenticationCredentialsException.

An AuthenticationException should be thrown when anything goes wrong during login or logout.

AuthenticationCredentialsException(String, String) - Constructor for class org.owasp.esapi.errors.AuthenticationCredentialsException

Creates a new instance of EnterpriseSecurityException.

AuthenticationCredentialsException(String, String, Throwable) - Constructor for class org.owasp.esapi.errors.AuthenticationCredentialsException

Instantiates a new authentication exception.

AuthenticationException - exception org.owasp.esapi.errors.AuthenticationException.

An AuthenticationException should be thrown when anything goes wrong during login or logout.

AuthenticationException(String, String) - Constructor for class org.owasp.esapi.errors.AuthenticationException

Creates a new instance of EnterpriseSecurityException.

AuthenticationException(String, String, Throwable) - Constructor for class org.owasp.esapi.errors.AuthenticationException

Instantiates a new authentication exception.

AuthenticationHostException - exception org.owasp.esapi.errors.AuthenticationHostException.

An AuthenticationHostException should be thrown when there is a problem with the host involved with authentication, particularly if the host changes unexpectedly.

AuthenticationHostException(String, String) - Constructor for class org.owasp.esapi.errors.AuthenticationHostException

Creates a new instance of AuthenticationHostException.

AuthenticationHostException(String, String, Throwable) - Constructor for class org.owasp.esapi.errors.AuthenticationHostException

Instantiates a new authentication exception.

AuthenticationLoginException - exception org.owasp.esapi.errors.AuthenticationLoginException.

An AuthenticationException should be thrown when anything goes wrong during login or logout.

AuthenticationLoginException(String, String) - Constructor for class org.owasp.esapi.errors.AuthenticationLoginException

Creates a new instance of EnterpriseSecurityException.

AuthenticationLoginException(String, String, Throwable) - Constructor for class org.owasp.esapi.errors.AuthenticationLoginException

Instantiates a new authentication exception.

Authenticator - class org.owasp.esapi.Authenticator.

Reference implementation of the IAuthenticator interface.

Authenticator() - Constructor for class org.owasp.esapi.Authenticator

AvailabilityException - exception org.owasp.esapi.errors.AvailabilityException.

An AvailabilityException should be thrown when the availability of a limited resource is in jeopardy.

AvailabilityException(String, String) - Constructor for class org.owasp.esapi.errors.AvailabilityException

Creates a new instance of AvailabilityException.

AvailabilityException(String, String, Throwable) - Constructor for class org.owasp.esapi.errors.AvailabilityException

Instantiates a new AvailabilityException.

accessController() - Static method in class org.owasp.esapi.ESAPI

actions - Variable in class org.owasp.esapi.Threshold

addCSRFToken(String) - Method in class org.owasp.esapi.HTTPUtilities

addCSRFToken(String) - Method in interface org.owasp.esapi.interfaces.IHTTPUtilities

Adds the current user's CSRF token (see User.getCSRFToken()) to the URL for purposes of preventing CSRF attacks.

addDirectReference(Object) - Method in class org.owasp.esapi.AccessReferenceMap

Adds a direct reference and a new random indirect reference, overwriting any existing values.

addDirectReference(Object) - Method in interface org.owasp.esapi.interfaces.IAccessReferenceMap

Adds a direct reference to the AccessReferenceMap and generates an associated indirect reference.

addEvent(String) - Method in class org.owasp.esapi.IntrusionDetector

Adds the event to the IntrusionDetector.

addEvent(String) - Method in interface org.owasp.esapi.interfaces.IIntrusionDetector

Adds the event to the IntrusionDetector.

addException(Exception) - Method in class org.owasp.esapi.IntrusionDetector

This implementation uses an exception store in each User object to track exceptions.

addException(Exception) - Method in interface org.owasp.esapi.interfaces.IIntrusionDetector

Adds the exception to the IntrusionDetector.

addRole(String) - Method in class org.owasp.esapi.User

addRole(String) - Method in interface org.owasp.esapi.interfaces.IUser

Adds a role to an account.

addRoles(Set) - Method in class org.owasp.esapi.User

addRoles(Set) - Method in interface org.owasp.esapi.interfaces.IUser

Adds the roles.

assertAuthorizedForData(String) - Method in class org.owasp.esapi.AccessController

assertAuthorizedForData(String) - Method in interface org.owasp.esapi.interfaces.IAccessController

assertAuthorizedForFile(String) - Method in class org.owasp.esapi.AccessController

assertAuthorizedForFile(String) - Method in interface org.owasp.esapi.interfaces.IAccessController

assertAuthorizedForFunction(String) - Method in class org.owasp.esapi.AccessController

assertAuthorizedForFunction(String) - Method in interface org.owasp.esapi.interfaces.IAccessController

assertAuthorizedForService(String) - Method in class org.owasp.esapi.AccessController

assertAuthorizedForService(String) - Method in interface org.owasp.esapi.interfaces.IAccessController

assertAuthorizedForURL(String) - Method in class org.owasp.esapi.AccessController

assertAuthorizedForURL(String) - Method in interface org.owasp.esapi.interfaces.IAccessController

assertIsValidHTTPRequest() - Method in class org.owasp.esapi.Validator

Validates the current HTTP request by comparing parameters, headers, and cookies to a predefined whitelist of allowed characters.

assertIsValidHTTPRequest(HttpServletRequest) - Method in class org.owasp.esapi.Validator

Validates the current HTTP request by comparing parameters, headers, and cookies to a predefined whitelist of allowed characters.

assertIsValidHTTPRequest() - Method in interface org.owasp.esapi.interfaces.IValidator

Validates the current HTTP request by comparing parameters, headers, and cookies to a predefined whitelist of allowed characters.

assertIsValidHTTPRequestParameterSet(String, Set, Set) - Method in class org.owasp.esapi.Validator

Validates that the parameters in the current request contain all required parameters and only optional ones in addition.

assertIsValidHTTPRequestParameterSet(String, Set, Set) - Method in interface org.owasp.esapi.interfaces.IValidator

Validates that the parameters in the current request contain all required parameters and only optional ones in addition.

assertValidFileUpload(String, String, String, byte[], int, boolean) - Method in class org.owasp.esapi.Validator

Validates the filepath, filename, and content of a file.

assertValidFileUpload(String, String, String, byte[], int, boolean) - Method in interface org.owasp.esapi.interfaces.IValidator

Validates the filepath, filename, and content of a file.

authenticator() - Static method in class org.owasp.esapi.ESAPI