Re: [Mod-security-developers] ModSecurity for Java
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] ModSecurity for Java
|
From: Juan C. C. R. <jua...@so...> - 2011-06-03 13:27:46
|
Yes I have, although as the implementations are different I guess there is a bug or something on the original code of OWASP Java WAF. I will leave that part to later on and make some more progress on the evaluation of the rules, keep you posted Thanks, Juan Carlos ________________________________________ De: Ryan Barnett [RBa...@tr...] Enviado el: jueves, 02 de junio de 2011 07:28 a.m. Para: mod...@li... Asunto: Re: [Mod-security-developers] ModSecurity for Java Hey Juan Carlos, Thanks for the update! Have you looked at the "MsHttpServletResponse.java" code from the old ModSecurity for Java project? http://www.modsecurity.org/download/msj-m3c.war Maybe that would help. -Ryan From: Juan calderon <jua...@ow...<mailto:jua...@ow...>> Reply-To: "mod...@li...<mailto:mod...@li...>" <mod...@li...<mailto:mod...@li...>> Date: Thu, 2 Jun 2011 00:51:39 -0500 To: "mod...@li...<mailto:mod...@li...>" <mod...@li...<mailto:mod...@li...>> Subject: [Mod-security-developers] ModSecurity for Java Hello Guys Just a little update, Rule parser for this project is already working and supporting the 4 directives (SecRuleEngine, SecRule, SecRequestBodyAccess, SecResponseBodyAccess ) of Rule Language Porting Spec Level 1 :) I am struggling to get the Response variables working, I always get an empty string for the response body buffer :(, can anyone give me some support on this one, I might not be using the ReponseWrapper correctly. Regards, Juan Carlos Calderon ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. ------------------------------------------------------------------------------ Simplify data backup and recovery for your virtual environment with vRanger. Installation's a snap, and flexible recovery options mean your data is safe, secure and there when you need it. Data protection magic? Nope - It's vRanger. Get your free trial download today. http://p.sf.net/sfu/quest-sfdev2dev _______________________________________________ mod-security-developers mailing list mod...@li... https://lists.sourceforge.net/lists/listinfo/mod-security-developers ModSecurity Services from Trustwave's SpiderLabs: https://www.trustwave.com/spiderLabs.php |
