Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ClassNotFoundException: org.owasp.esapi.reference.accesscontrol.DefaultAccessController AccessController class #297

Closed
meg23 opened this issue Nov 13, 2014 · 2 comments

Comments

@meg23
Copy link

meg23 commented Nov 13, 2014

From taringamberini on January 09, 2013 11:22:09

What steps will reproduce the problem? 1. System.out.println("ESAPI.accessController found: " + ESAPI.accessController());
without setting the custom directory but putting it in WEB-INF/classes

What is the expected output?
Loading configuration files.

What do you see instead?
Caused by: org.owasp.esapi.errors.ConfigurationException: java.lang.ClassNotFoundException: org.owasp.esapi.reference.accesscontrol.DefaultAccessController AccessController class (org.owasp.esapi.reference.accesscontrol.DefaultAccessController) must be in class path.
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:108)
at org.owasp.esapi.ESAPI.accessController(ESAPI.java:85) What version of the product are you using? On what operating system? esapi-2.0.1 checked out from tags\esapi-2.0.1 Does this issue affect only a specified browser or set of browsers? Browser indipendent. Please provide any additional information below. In
org.owasp.esapi.reference.DefaultSecurityConfiguration

change from
public static final String DEFAULT_ACCESS_CONTROL_IMPLEMENTATION = "org.owasp.esapi.reference.accesscontrol.DefaultAccessController"

to
public static final String DEFAULT_ACCESS_CONTROL_IMPLEMENTATION = "org.owasp.esapi.reference.DefaultAccessController"

clearly because DefaultAccessController is in org.owasp.esapi.reference package and not in the org.owasp.esapi.reference.accesscontrol one.

Best regards,
Tarin

Tarin Gamberini
Regione Emilia-Romagna.it
www.taringamberini.com

Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=291

@xeno6696
Copy link
Collaborator

I intended on testing this change by using a classloader in test, but the fields are not part of the interface, and making them part of the interface would be silly. @kwwall if you think this one's worth the effort, I can write that test, but from what I've read the AccesController is an experimental feature in the first place.

@kwwall
Copy link
Contributor

kwwall commented Jul 29, 2017 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants