
What I did with ESAPI

  • I used ESAPI for Java with Google AppEngine. I used it for simple validation and encoding. --Jeff

  • I used ESAPI for PHP with a custom web 2.0 corporate knowledge management application, made up of many open source and commercial applications integrated to work together. I added an organization- and application-specific "Adapter" control to wrap calls to the other ESAPI controls. --Mike

  • I used ESAPI for Java’s "Logger" control to make it easier for a US Government customer to meet C&A requirements. --Dave

  • I used ESAPI for Java to build a low risk web application that was over 250,000+ lines of code in size. --Jim

  • I used ESAPI for Java's "Authenticator" to replace a spaghetti-like mechanism in a legacy financial services web application. In hindsight I should have used the application-specific "Adapter" pattern mentioned by Mike above. The organization also uses the ESAPI Encryptor as an interface to a hardware security module. --Roman

  • I use ESAPI to be our security package for all our products; this way we can set one standard for all products. --Yair

  • I use ESAPI for Java to educate developers about application security principles at several of the world’s largest organizations. --Jim