From balakrsn...@gmail.com on May 28, 2014 04:57:17

What steps will reproduce the problem? i tried to implement the ESAPI implementation in our application like the below code by adding ESAPI jar and two property files and added the system resource variable pointing to the property files ,

import org.owasp.esapi.Logger;
import org.owasp.esapi.ESAPI;

public class BrandTag extends BodyTagSupport {

private final static Logger logger = (org.owasp.esapi.Logger)ESAPI.getLogger(BrandTag.class);

public int doStartTag() throws javax.servlet.jsp.JspException{

Object sessionObj = pageContext.getSession().getAttribute(getBrandName);

if(getBrandName!= null){

try {

logger.info(Logger.EVENT_SUCCESS,"ESAPI's log: brand received from getBrandName is "+getBrandName);

with this code am able get the log only after restarting the web server. if i made any changes in code and try to publish it, am getting error org.owasp.esapi.reference.Log4JLogger incompatible with org.owasp.esapi.Logger.

i have deployed EAR in DEV server, its working fine. but in RSA while publishing only am getting class type cast error What is the expected output? What do you see instead? What version of the product are you using? On what operating system? Does this issue affect only a specified browser or set of browsers? Please provide any additional information below.

Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=329