问题描述
我在执行以下代码时收到以下错误。它之前工作,现在突然开始抛出这个异常。
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Encoder;
import org.owasp.esapi.codecs.Codec;
import org.owasp.esapi.codecs.OracleCodec;
public List<SearchUserBean> getSearchUserResult(SearchUserBean searchUserBean){
Codec ORACLE_CODEC = new OracleCodec();
String WHERE="WHERE be.EMPLOYER_ID =comp.business_asso ";
if (searchUserBean.getEmailAddress()!=null && !(searchUserBean.getEmailAddress().isEmpty())) {
WHERE +="AND upper(be.EMAIL_ID) LIKE '" +ESAPI.encoder().encodeForsql( ORACLE_CODEC,searchUserBean.getEmailAddress().replace("*","%").toupperCase().trim()) +"' ";
}
return null;
}收到错误。
org.owasp.esapi.errors.ConfigurationException: java.lang.reflect.InvocationTargetException Encoder class (org.owasp.esapi.reference.DefaultEncoder) CTOR threw exception.
at org.owasp.esapi.util.ObjFactory.make(ObjFactory.java:129)
at org.owasp.esapi.ESAPI.encoder(ESAPI.java:99)
at com.beacon.search.dao.impl.SearchUserDaoImpl.getSearchUserResult(SearchUserDaoImpl.java:73)
at com.beacon.search.services.impl.SearchUserServiceImpl.getSearchUserResult(SearchUserServiceImpl.java:68)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy294.getSearchUserResult(UnkNown Source)
at com.beacon.search.controller.SearchUserController.getSearchUserResult(SearchUserController.java:133)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.web.method.support.invocableHandlerMethod.invoke(invocableHandlerMethod.java:219)
at org.springframework.web.method.support.invocableHandlerMethod.invokeForRequest(invocableHandlerMethod.java:132)
at org.springframework.web.servlet.mvc.method.annotation.ServletinvocableHandlerMethod.invokeAndHandle(ServletinvocableHandlerMethod.java:104)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:745)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:686)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:80)
at org.springframework.web.servlet.dispatcherServlet.dodispatch(dispatcherServlet.java:925)
at org.springframework.web.servlet.dispatcherServlet.doService(dispatcherServlet.java:856)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:936)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.
解决方法
@Vidyuth - 我有几个问题。
- 上次运行时您使用的是什么版本的 ESAPI,您现在使用的是什么版本?
- 在您的 ESAPI.properties 文件中,您将“ESAPI.Logger”属性设置为什么?
我问的一个原因是因为在 ESAPI 2.2.1.0 版本中,一些日志记录被重组,所以如果你来自早期版本并且没有更新 ESAPI.Logger,事情就会崩溃。以下是 ESAPI 2.2.1.0 发行说明的一部分:
*** IMPORTANT WORKAROUND for 2.2.1.0 ESAPI Logging ***
Lastly,if you try to use the new ESAPI 2.2.1.0 logging,you will notice that you need to change ESAPI.Logger and also possibly provide some other logging properties as well. This is because the logger packages were reorganized to improve maintainability,but we failed to mention it. To use ESAPI logging in ESAPI 2.2.1.0 (and later),you MUST set the ESAPI.Logger property to one of:
org.owasp.esapi.logging.java.JavaLogFactory - To use the new default,java.util.logging (JUL)
org.owasp.esapi.logging.log4j.Log4JLogFactory - To use the end-of-life Log4J 1.x logger
org.owasp.esapi.logging.slf4j.Slf4JLogFactory - To use the new (to release 2.2.0.0) SLF4J logger