esapi-java-legacy
esapi-java-legacy copied to clipboard
ESAPI
Review Access Control packages
From [email protected] on February 06, 2010 11:56:48
There is no javadoc package description (package.html) for the 2 access control related packages, org.owasp.esapi.reference.accesscontrol and org.owasp.esapi.reference.accesscontrol.policyloader. (Note that all the other ESAPI packages have a package description.)
Related, but lower priority is that most of the classes in these two packages have no javadoc.
If these packages are not quite ready for prime time, yet we feel we want to leave them in place, I suggest that we write a package level description that labels them as "experimental" and warn that they should not be used for production level software.
I'm not really sure who to assign this to. Mike Fauzy is listed as the author of most of these classes, but he doesn't show up in the list of those I can assign it to (unless he is 'kfealz'??) below for either Owner or Cc. I found Jeff's name listed as co-author for one class so I'm making him the unlucky stuckee.
Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=107
From [email protected] on February 06, 2010 08:59:23
Added Component-Docs as label.
Labels: Component-Docs
From [email protected] on November 02, 2010 00:38:28
Beta software being dumped on ESAPI is very frustrating.We should resolve this in some way before 2.0GA.
Labels: Milestone-Release2.0
From [email protected] on November 04, 2010 08:27:45
Summary: Review Access Control packages before 2.0GA
Labels: -Priority-Low Priority-High
From [email protected] on July 04, 2014 23:16:18
Renaming this since GA 2.0 has shipped
Summary: Review Access Control packages (was: Review Access Control packages before 2.0GA)
This should just be some simple Javadoc additions (although, I am lowering the priority to medium; I've never seen anyone use this reference implementation, except for perhaps the old 'ESAPI Swingset'.)
