author | st782s <statta@research.att.com> | 2017-11-22 11:41:10 -0500 |
---|---|---|
committer | Sunder Tattavarada <statta@research.att.com> | 2017-11-28 20:24:36 +0000 |
commit | ed07ebfbce4031ef4dfbd2f42147f6a7b351aeb8 (patch) | |
tree | ee4a6e53f01f15057f32b86f271c9b6d02b25615 /ecomp-sdk/epsdk-app-overlay/src/main/resources | |
parent | 418d7273d6d8f6fed2698df89c9910be8498a677 (diff) |
Harden code
Issue-ID: PORTAL-145,PORTAL-119
Harden code to address SQL injection, XSS vulnerabilities; Separate
docker images for portal, sdk app and DMaaPBC ui
Change-Id: I85fad4d3fcee3243207b8f0dfe21beaa41602204
Signed-off-by: st782s <statta@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-app-overlay/src/main/resources')
-rw-r--r-- | ecomp-sdk/epsdk-app-overlay/src/main/resources/ESAPI.properties | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/resources/ESAPI.properties b/ecomp-sdk/epsdk-app-overlay/src/main/resources/ESAPI.properties index 290dbff3..d06d602c 100644 --- a/ecomp-sdk/epsdk-app-overlay/src/main/resources/ESAPI.properties +++ b/ecomp-sdk/epsdk-app-overlay/src/main/resources/ESAPI.properties @@ -32,8 +32,6 @@ ESAPI.Encryptor=org.owasp.esapi.reference.crypto.JavaEncryptor ESAPI.Executor=org.owasp.esapi.reference.DefaultExecutor ESAPI.HTTPUtilities=org.owasp.esapi.reference.DefaultHTTPUtilities ESAPI.IntrusionDetector=org.owasp.esapi.reference.DefaultIntrusionDetector -# Log4JFactory Requires log4j.xml or log4j.properties in classpath -ESAPI.Logger=org.owasp.esapi.reference.Log4JLogFactory #ESAPI.Logger=org.owasp.esapi.reference.JavaLogFactory ESAPI.Randomizer=org.owasp.esapi.reference.DefaultRandomizer ESAPI.Validator=org.owasp.esapi.reference.DefaultValidator @@ -42,9 +40,9 @@ ESAPI.Validator=org.owasp.esapi.reference.DefaultValidator # ESAPI Authenticator # Authenticator.AllowedLoginAttempts=3 -Authenticator.MaxOldPasswordHashes=13 +#Authenticator.MaxOldPasswordHashes=13 Authenticator.UsernameParameterName=username -Authenticator.PasswordParameterName=password +#Authenticator.PasswordParameterName=password # RememberTokenDuration (in days) Authenticator.RememberTokenDuration=14 # Session Timeouts (in minutes) |
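Review bot: In the first hunk (@@ -32,8 +32,6 @@), removing `ESAPI.Logger=org.owasp.esapi.reference.Log4JLogFactory` leaves no active `ESAPI.Logger` entry in the visible lines, only the commented-out `#ESAPI.Logger=org.owasp.esapi.reference.JavaLogFactory`. The logger implementation then depends on whatever the library falls back to, and the commit message does not mention a logging change. Either set the intended factory explicitly or add a comment in the file stating that the default is relied on, and confirm that security events (the IntrusionDetector is still configured just above) still reach a log that is collected.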
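Review bot: In the second hunk (@@ -42,9 +40,9 @@), `Authenticator.MaxOldPasswordHashes=13` and `Authenticator.PasswordParameterName=password` are commented out rather than removed or replaced, with no explanation in the file or in the commit message. For a change titled "Harden code", disabling the explicit password-history depth needs a stated reason, since the effective value is no longer visible in this file. It is also inconsistent that `Authenticator.UsernameParameterName=username` stays active while its password counterpart is disabled. If the ESAPI Authenticator is unused in this application, delete the dead settings and say so in a comment; if it is used, keep the values explicit.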