Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
Highlighted
mike_se Contributor.
Contributor.
265 views

PPM Support Tip: When seeing ESAPI.properties messages, these are just warnings

A new KCS article was published: KM00459800

 

Some clients have reported seeing ESAPI.properties in the serverLog.txt file.

For example, when opening a Workbench the following was seen:

For example:

"Attempting to load ESAPI.properties via file io.
Attempting to load ESAPI.properties via file io.
Found in 'org.owasp.esapi.resources' directory: C:\PPM\server\HPPPM\esapi-props\ESAPI.properties
Loaded 'ESAPI.properties' properties file
Attempting to load validation.properties via file io.
Attempting to load validation.properties via file io.
Found in 'org.owasp.esapi.resources' directory: C:\PPM\server\HPPPM\esapi-props\validation.properties
Loaded 'validation.properties' properties file
SecurityConfiguration for Encryptor.CipherTransformation not found in ESAPI.properties. Using default: AES/CBC/PKCS5Padding
SecurityConfiguration for Logger.LogApplicationName not found in ESAPI.properties. Using default: true
SecurityConfiguration for Logger.LogServerIP not found in ESAPI.properties. Using default: true
SecurityConfiguration for Logger.ApplicationName not found in ESAPI.properties. Using default: DefaultName
SecurityConfiguration for Logger.ApplicationName not found in ESAPI.properties. Using default: DefaultName
SecurityConfiguration for Encryptor.RandomAlgorithm not found in ESAPI.properties. Using default: SHA1PRNG"

 

If troubleshooitng an issue, ESAPI is very likely unrelated with the issue. To be sure ESAPI is not the issue, clear the history files in browser/Java.

ESAPI is an external security library (mostly used to prevent XSS attacks; see Google and Open Web Application Security Project - OWSAP sites for details).

The result of this extra layer of security is very verbose logging for Project and Portfolio Management (PPM).

“HP Support
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.”
Labels (1)
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.