|
|||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
The ISecurityConfiguration interface stores all configuration information that directs the behavior of the ESAPI implementation.
Protection of this configuration information is critical to the secure operation of the application using the ESAPI. You should use operating system access controls to limit access to wherever the configuration information is stored. Please note that adding another layer of encryption does not make the attackers job much more difficult. Somewhere there must be a master "secret" that is stored unencrypted on the application platform. Creating another layer of indirection doesn't provide any real additional security.
| Method Summary | |
java.util.List |
getAllowedFileExtensions()
Gets the allowed file extensions. |
int |
getAllowedFileUploadSize()
Gets the allowed file upload size. |
int |
getAllowedLoginAttempts()
Gets the allowed login attempts. |
java.lang.String |
getApplicationName()
Gets the application name, used for logging |
java.lang.String |
getCharacterEncoding()
Gets the character encoding. |
java.lang.String |
getDigitalSignatureAlgorithm()
Gets the digital signature algorithm. |
java.lang.String |
getEncryptionAlgorithm()
Gets the encryption algorithm. |
java.lang.String |
getHashAlgorithm()
Gets the hasing algorithm. |
java.io.File |
getKeystore()
Gets the keystore. |
char[] |
getMasterPassword()
Gets the master password. |
byte[] |
getMasterSalt()
Gets the master salt. |
int |
getMaxOldPasswordHashes()
Gets the max old password hashes. |
java.lang.String |
getPasswordParameterName()
Gets the password parameter name. |
Threshold |
getQuota(java.lang.String eventName)
Gets an intrusion detection Quota. |
java.lang.String |
getRandomAlgorithm()
Gets the random number generation algorithm. |
java.lang.String |
getResourceDirectory()
Gets the ESAPI resource directory as a String. |
java.lang.String |
getUsernameParameterName()
Gets the username parameter name. |
void |
setResourceDirectory(java.lang.String dir)
Sets the ESAPI resource directory. |
| Method Detail |
public java.lang.String getApplicationName()
public char[] getMasterPassword()
public java.io.File getKeystore()
public byte[] getMasterSalt()
public java.util.List getAllowedFileExtensions()
public int getAllowedFileUploadSize()
public java.lang.String getPasswordParameterName()
public java.lang.String getUsernameParameterName()
public java.lang.String getEncryptionAlgorithm()
public java.lang.String getHashAlgorithm()
public java.lang.String getCharacterEncoding()
public java.lang.String getDigitalSignatureAlgorithm()
public java.lang.String getRandomAlgorithm()
public int getAllowedLoginAttempts()
public int getMaxOldPasswordHashes()
public Threshold getQuota(java.lang.String eventName)
eventName -
public java.lang.String getResourceDirectory()
public void setResourceDirectory(java.lang.String dir)
|
|||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||