Hello Oleg

The development is in progress and it will take 2 or 3 months more. If you need the firewall you can use the version 1 from ESAPI 2.0GA. Notice ModSecurity rules are not supported in that version. But, it is very easy to create rules for it. let me know if you need any help with that.

Regards,
Juan Carlos Calderon

On Thu, Jun 16, 2011 at 6:49 PM, Oleg Gryb <oleg_gryb@yahoo.com> wrote:
Can anyone please provide more data on this Java project? In particularly I need
to know:

1. Is it stable enough to be used in production?
2. If it's not, do you have any timelines for the first version that can be used
in prod?

In general, I think it would be very useful for expanding the applicability of
mod-security.

Thanks,
Oleg.



----- Original Message ----
> From: Juan Carlos Calderon Rojas <juan.calderon@softtek.com>
> To: "mod-security-developers@lists.sourceforge.net"
> Sent: Fri, June 3, 2011 6:18:56 AM
> Subject: Re: [Mod-security-developers] ModSecurity for Java
>
> Yes I have, although as the implementations are different I guess there is a
>bug  or something on the original code of  OWASP Java WAF.
>
> I will leave  that part to later on and make some more progress on the
>evaluation of the  rules, keep you posted
>
> Thanks,
> Juan  Carlos
>
> ________________________________________
> De: Ryan Barnett [RBarnett@trustwave.com]
> Enviado el:  jueves, 02 de junio de 2011 07:28 a.m.
> Para: mod-security-developers@lists.sourceforge.net
> Asunto:  Re: [Mod-security-developers] ModSecurity for Java
>
> Hey Juan  Carlos,
> Thanks for the update!  Have you looked at the  "MsHttpServletResponse.java"
>code from the old ModSecurity for Java  project?
> http://www.modsecurity.org/download/msj-m3c.war
>
> Maybe that  would help.
>
> -Ryan
>
> From: Juan calderon <juan.calderon@owasp.org<mailto:juan.calderon@owasp.org>>
> Reply-To:
>"mod-security-developers@lists.sourceforge.net<mailto:mod-security-developers@lists.sourceforge.net>"
>
><mod-security-developers@lists.sourceforge.net<mailto:mod-security-developers@lists.sourceforge.net>>
>
> Date:  Thu, 2 Jun 2011 00:51:39 -0500
> To:
>"mod-security-developers@lists.sourceforge.net<mailto:mod-security-developers@lists.sourceforge.net>"
>
><mod-security-developers@lists.sourceforge.net<mailto:mod-security-developers@lists.sourceforge.net>>
>
> Subject:  [Mod-security-developers] ModSecurity for Java
>
> Hello Guys
>
> Just a  little update, Rule parser for this project is already working and
>supporting  the 4 directives (SecRuleEngine, SecRule, SecRequestBodyAccess,
>SecResponseBodyAccess ) of Rule Language Porting Spec Level 1 :)
>
> I am  struggling to get the Response variables working, I always get an empty
>string  for the response body buffer :(, can anyone give me some support on
>this one, I might not be using the ReponseWrapper  correctly.
>
> Regards,
> Juan Carlos  Calderon
>
> ________________________________
> This transmission may  contain information that is privileged, confidential,
>and/or exempt from  disclosure under applicable law. If you are not the intended
>recipient, you are  hereby notified that any disclosure, copying, distribution,
>or use of the  information contained herein (including any reliance thereon) is
>STRICTLY  PROHIBITED. If you received this transmission in error, please
>immediately  contact the sender and destroy the material in its entirety,
>whether in  electronic or hard copy  format.
>
>
> ------------------------------------------------------------------------------
> Simplify  data backup and recovery for your virtual environment with  vRanger.
> Installation's a snap, and flexible recovery options mean your data  is safe,
> secure and there when you need it. Data protection magic?
> Nope -  It's vRanger. Get your free trial download  today.
> http://p.sf.net/sfu/quest-sfdev2dev
> _______________________________________________
> mod-security-developers  mailing list
> mod-security-developers@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity  Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php
> ------------------------------------------------------------------------------
> Simplify  data backup and recovery for your virtual environment with  vRanger.
> Installation's a snap, and flexible recovery options mean your data  is safe,
> secure and there when you need it. Discover what all the cheering's  about.
> Get your free trial download today.
> http://p.sf.net/sfu/quest-dev2dev2
> _______________________________________________
> mod-security-developers  mailing list
> mod-security-developers@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/mod-security-developers
> ModSecurity  Services from Trustwave's SpiderLabs:
> https://www.trustwave.com/spiderLabs.php
>

------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
mod-security-developers mailing list
mod-security-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-developers
ModSecurity Services from Trustwave's SpiderLabs:
https://www.trustwave.com/spiderLabs.php