esapi-使用esapi 2.2.3.1获取classnotfoundexception

inkz8wg9  于 2021-08-20  发布在  Java
关注(0)|答案(0)|浏览(1207)

我的代码使用org.owasp.esapi 2.2.0.0,但升级到2.2.3.1后,我得到了classnotfoundexception。
我的代码类似于:

Properties esapiProps = new Properties();
  try {
     esapiProps.load( SecurityUtil.class.getResourceAsStream("/ESAPI.properties") );

  } catch (IOException | NullPointerException e) {
     logger.log(Level.SEVERE, "esapi Exception: ", e);
  }
  ESAPI.override( new DefaultSecurityConfiguration(esapiProps));
  // ----- Then canonicalize an input -----
  ESAPI.encoder().canonicalize(input);

我阅读了发行说明并添加了一些属性和esapi java日志
my esapi.properties(类内路径)

ESAPI.printProperties=true
LogLevel=INFO
ESAPI.Encoder=org.owasp.esapi.reference.DefaultEncoder
Encoder.AllowMultipleEncoding=false
Encoder.AllowMixedEncoding=false
Encoder.DefaultCodecList=HTMLEntityCodec,PercentCodec,JavaScriptCodec

ESAPI.Logger=org.owasp.esapi.reference.JavaLogFactory
Logger.ApplicationName=My Test Application
Logger.LogEncodingRequired=false
Logger.LogApplicationName=true
Logger.LogServerIP=true
Logger.LogFileName=ESAPI_logging_file
Logger.MaxLogFileSize=10000000
Logger.UserInfo=true
Logger.ClientInfo=true

我的esapi-java-logging.properties(类路径中)

handlers= java.util.logging.ConsoleHandler
.level= INFO
java.util.logging.ConsoleHandler.level = INFO
java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
java.util.logging.SimpleFormatter.format=[%1$tF %1$tT] [%3$-7s] %5$s %n

但我有一个例外:

[ERROR   ] SRVE0315E: An exception occurred: java.lang.Throwable: org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException Encoder class (org.owasp.esapi.reference.DefaultEncoder) CTOR threw exception.
    at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:5095)
    at [internal classes]
Caused by: org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException Encoder class (org.owasp.esapi.reference.DefaultEncoder) CTOR threw exception.
    at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:129)
    at org.owasp.esapi.ESAPI.encoder(ESAPI.java:101)
    .
    .
    .
    at sun.reflect.GeneratedMethodAccessor521.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.apache.wink.server.internal.handlers.InvokeMethodHandler.handleRequest(InvokeMethodHandler.java:63)
    ... 1 more
Caused by: java.lang.reflect.InvocationTargetException
    at sun.reflect.GeneratedMethodAccessor522.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:86)
    ... 8 more
Caused by: org.owasp.esapi.errors.ConfigurationException: java.lang.ClassNotFoundException: org.owasp.esapi.reference.JavaLogFactory LogFactory class (org.owasp.esapi.reference.JavaLogFactory) must be in class path.
    ... 17 more
Caused by: java.lang.ClassNotFoundException: org.owasp.esapi.reference.JavaLogFactory
    at com.ibm.ws.classloading.internal.AppClassLoader.findClassCommonLibraryClassLoaders(AppClassLoader.java:569)
    at [internal classes]
    at java.lang.ClassLoader.loadClass(ClassLoader.java:351)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:264)
    at org.owasp.esapi.util.ObjFactory.loadClassByStringName(ObjFactory.java:158)
    at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:81)
    ... 15 more

如果我更改esapi.properties并复制https://raw.githubusercontent.com/esapi/esapi-java-legacy/develop/configuration/esapi/esapi.properties,classnotfoundexception消失,我得到nullpointerexception异常:

[ERROR   ] SRVE0315E: An exception occurred: java.lang.Throwable: org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException Encoder class (org.owasp.esapi.reference.DefaultEncoder) CTOR threw exception.
    at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:5095)
    at [internal classes]
Caused by: org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException Encoder class (org.owasp.esapi.reference.DefaultEncoder) CTOR threw exception.
    at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:129)
    at org.owasp.esapi.ESAPI.encoder(ESAPI.java:101)
    .
    .
    .
    at sun.reflect.GeneratedMethodAccessor522.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.apache.wink.server.internal.handlers.InvokeMethodHandler.handleRequest(InvokeMethodHandler.java:63)
    ... 1 more
Caused by: java.lang.reflect.InvocationTargetException
    at sun.reflect.GeneratedMethodAccessor523.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:86)
    ... 8 more
Caused by: java.lang.ExceptionInInitializerError
    ... 20 more
Caused by: java.lang.NullPointerException
    ... 22 more
Javaesapi

暂无答案!

目前还没有任何答案,快来回答吧!

我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com