|
Deprecated Methods |
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.assertAuthorizedForData(String, Object)
|
org.owasp.esapi.reference.DefaultAccessController.assertAuthorizedForFile(String)
|
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.assertAuthorizedForFile(String)
|
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.assertAuthorizedForFunction(String)
|
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.assertAuthorizedForService(String)
|
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.assertAuthorizedForURL(String)
|
org.owasp.esapi.crypto.CryptoHelper.computeDerivedKey(SecretKey, int, String)
UseKeyDerivationFunction instead. This method will be removed as of
ESAPI release 2.1 so if you are using this, please change your code. |
org.owasp.esapi.Encryptor.decrypt(String)
As of 1.4.2; use Encryptor.decrypt(CipherText) instead, which
also ensures message authenticity. This method will be
completely removed as of the next major release or point
release (3.0 or 2.1, whichever comes first) as per OWASP
deprecation policy. |
org.owasp.esapi.reference.crypto.JavaEncryptor.decrypt(String)
|
org.owasp.esapi.filters.SecurityWrapperResponse.encodeRedirectUrl(String)
in servlet spec 2.1. Use
SecurityWrapperResponse.encodeRedirectUrl(String) instead. |
org.owasp.esapi.filters.SecurityWrapperResponse.encodeUrl(String)
in servlet spec 2.1. Use
SecurityWrapperResponse.encodeURL(String) instead. |
org.owasp.esapi.Encryptor.encrypt(String)
As of 1.4.2; use Encryptor.encrypt(PlainText) instead, which
also ensures message authenticity. This method will be
completely removed as of the next major release or point
release (3.0 or 2.1, whichever comes first) as per OWASP
deprecation policy. |
org.owasp.esapi.reference.crypto.JavaEncryptor.encrypt(String)
|
org.owasp.esapi.waf.configuration.AppGuardianConfiguration.getLogDirectory()
|
org.owasp.esapi.waf.configuration.AppGuardianConfiguration.getLogLevel()
|
org.owasp.esapi.filters.SecurityWrapperRequest.getRealPath(String)
in servlet spec 2.1. Use ServletContext.getRealPath(String) instead. |
org.owasp.esapi.crypto.CipherText.getSerialVersionUID()
Use CipherText.cipherTextVersion instead. Will
disappear as of ESAPI 2.1. |
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.isAuthorizedForData(String, Object)
|
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.isAuthorizedForFile(String)
|
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.isAuthorizedForFunction(String)
|
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.isAuthorizedForService(String)
|
org.owasp.esapi.reference.accesscontrol.ExperimentalAccessController.isAuthorizedForURL(String)
|
org.owasp.esapi.filters.SecurityWrapperRequest.isRequestedSessionIdFromUrl()
in servlet spec 2.1. Use SecurityWrapperRequest.isRequestedSessionIdFromURL() instead. |
org.owasp.esapi.reference.crypto.DefaultEncryptedProperties.main(String[])
Use EncryptedPropertiesUtils instead, which allows creating, reading,
and writing encrypted properties. |
org.owasp.esapi.SecurityConfiguration.setCipherTransformation(String)
To be replaced by new class in ESAPI 2.1, but here if you need it
until then. Details of replacement forthcoming to ESAPI-Dev list. |
org.owasp.esapi.waf.configuration.AppGuardianConfiguration.setLogDirectory(String)
|
org.owasp.esapi.waf.configuration.AppGuardianConfiguration.setLogLevel(Level)
|
org.owasp.esapi.filters.SecurityWrapperResponse.setStatus(int, String)
In Servlet spec 2.1. |