堆栈内存溢出
  简体   繁体   English

在Unix服务器中使用Shell脚本时,esapi jar在控制台上放置一些消息(系统输出)

[英]When using shell script in unix server, esapi jar puts some message (system out) on console

 原文  2016-02-10 20:30:54       shell/ unix/ esapi

问题描述

When using any shell script in unix server, I am able to see esapi jar puts some message on console making it little difficult to see the output of that script. 在unix服务器中使用任何shell脚本时,我都能看到esapi jar在控制台上放了一些消息,这使得查看该脚本的输出变得有点困难。 ESAPI jar has some sysout in it. ESAPI jar中有一些sysout。 Is anyone aware if there is any way to get rid of it or if there is new jar which has already removed it? 是否有人知道有什么办法可以摆脱它,或者是否有新的罐子将其移除?

2 个解决方案

解决方案1
 1  2016-02-11 19:01:30

Thanks avgvstvs. 谢谢avgvstvs。 Even I got similar reply from Kevin Wall. 甚至我也从凯文·沃尔得到了类似的答复。

This is really somewhat of a catch-22 situation. 这确实是22级的情况。 This verbose output that you refer to comes from the DefaultSecurityConfiguration class as it is searching for the correct ESAPI.properties and validation.properties files to use. 您引用的此详细输出来自DefaultSecurityConfiguration类,因为它正在搜索要使用的正确ESAPI.properties和validation.properties文件。 The catch-22 is that ESAPI can use either log4j or java.util.logging, but it doesn't know which is being used until if finds and parses the ESAPI.properties file (which can be located in many different places). 问题22:ESAPI可以使用log4j或java.util.logging,但是直到找到并解析ESAPI.properties文件(可以位于许多不同的位置),它才知道正在使用哪个。

Thus we can't make these "debug" or less verbose logging because as people using ESAPI, especially for the first time, often have problems with ESAPI either not being able to find their ESAPI.properties file or having it locate and use a different on than what they intended. 因此,我们无法进行这些“调试”或更详细的记录,因为当使用ESAPI的人们(尤其是第一次使用ESAPI的人们)经常遇到ESAPI的问题,要么找不到他们的ESAPI.properties文件,要么让它找到并使用其他文件超出了他们的预期。 In particular, we can't rely on using the logger that ESAPI specifies because that information may not have been parsed yet in the ESAPI.properties file. 特别是,我们不能依赖使用ESAPI指定的记录器,因为该信息可能尚未在ESAPI.properties文件中进行解析。 (Also, doing so would more tightly couple the ESAPI logger to the ESAPI configuration, something that we would like to avoid. (此外,这样做会更紧密地将ESAPI记录器耦合到ESAPI配置,这是我们希望避免的事情。

Probably about the best we could do in this case would be to NOT output these messages if some System property was set, eg, if the property 在这种情况下,我们可能要做的最好的事情就是如果设置了某些System属性(例如,如果该属性),则不输出这些消息 

esapi.configuration.errormessages

were set to "quiet" or "off", etc. then we could refrain from outputting this. 设置为“安静”或“关闭”等,那么我们可以避免输出该内容。 Alternately, we could provide a static method on DefaultSecurityConfiguration that disables the special logging. 或者,我们可以在DefaultSecurityConfiguration上提供一个静态方法来禁用特殊日志记录。

But given the trouble that people have with getting their intended ESAPI.properties file used out-of-the-box, I would definitely want to keep the DEFAULT so that it prints these messages. 但是考虑到人们在使用现成的ESAPI.properties文件时会遇到麻烦,我绝对希望保留DEFAULT以便它打印这些消息。

BTW, I will write up these ideas in the GitHub issue # 198 that deals with it. 顺便说一句,我将在处理该问题的GitHub第198期中写下这些想法。 If anyone has any better ideas, feels free to contribute ideas at: https://github.com/ESAPI/esapi-java-legacy/issues/198 . 如果有任何更好的想法,请随时通过以下网址发表想法: https : //github.com/ESAPI/esapi-java-legacy/issues/198 Also feel free to contribute a pull request that addresses this. 也可以随时提出一个解决此问题的请求请求。 No guarantees that we will accept it, but if someone helps out, it is more likely to get attention than if not. 不能保证我们会接受它,但是如果有人提供帮助,它会比不接受时更引起关注。

Best regards, -kevin 最好的问候-kevin

解决方案2
 0  2016-02-11 12:51:48

This is a known issue. 这是一个已知问题。 For some of the history from Kevin Wall, 对于凯文·沃尔(Kevin Wall)的一些历史,

This is really somewhat of a catch-22 situation. 这确实是22级的情况。 This verbose output that is refered to comes from the DefaultSecurityConfiguration class as it is searching for the correct ESAPI.properties and validation.properties files to use. 所引用的此详细输出来自DefaultSecurityConfiguration类,因为它正在搜索要使用的正确的ESAPI.properties和validation.properties文件。 The catch-22 is that ESAPI can use either log4j or java.util.logging, but it doesn't know which is being used until it finds and parses the ESAPI.properties file (which can be located in many different places). 问题22是ESAPI可以使用log4j或java.util.logging,但是直到找到并解析ESAPI.properties文件(可以位于许多不同的位置),它才知道正在使用哪个。

Because of this, we can't use the regular ESAPI logging mechanism to control the log level as the ESAPI logger may not have been parsed yet. 因此,我们可能无法使用常规的ESAPI日志记录机制来控制日志级别,因为可能尚未解析ESAPI记录器。

Also, one of the biggest problems that new users to ESAPI ask about in Stack Exchange is how to get ESAPI to use the ESAPI.properties file that they intend it to use. 同样,ESAPI的新用户在Stack Exchange中提出的最大问题之一是如何使ESAPI使用他们打算使用的ESAPI.properties文件。 So because of that, I don't want the default to be silent or that will really excerbate that problem. 因此,因此,我不希望默认值保持沉默,否则我真的会解决这个问题。

There is some proposed changes, but I wouldn't expect anything until the next release. 有一些建议的更改,但是直到下一个发行版我都不会期望有任何更改。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 当我们使用 Shell 脚本 AIX Unix 添加用户时,如何验证 sudoers 中的某些用户? - how to verify some user in sudoers when we add user using Shell script AIX Unix? 在Unix Shell脚本中写出时出现意外的新行 - Unexpected new line when writing out in Unix Shell Script 使用shell脚本找出unix用户名(多个)是否存在 - Find out if unix user names (multiple) exists using shell script Unix Shell脚本可在远程系统上存档文件 - Unix shell script to archive files on Remote system 当我使用 '.' 执行 unix shell 脚本时会发生什么命令? - What happens when I execute a unix shell script using a '.' command? 使用Shell脚本运行Jar - Run Jar Using Shell Script 使用shell脚本运行jar文件时限制kill命令 - Restrict kill commands when running jar file using a shell script 使用 unix shell 脚本/Python 解析 json 类型的文件以找出特定值 - parsing the json kind of file to find out particular values using unix shell script/Python Unix shell 脚本 找出脚本文件所在的目录? - Unix shell script find out which directory the script file resides? 如何在 Unix 控制台或 Mac 终端上运行 shell 脚本? - How to run a shell script on a Unix console or Mac terminal?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM