ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications. The ESAPI libraries are designed to make it easier for programmers to retrofit security into existing applications. The ESAPI libraries also serve as a solid foundation for new development.
The OWASP CSRFGuard library is integrated through the use of a JavaEE Filter and exposes various automated and manual ways to integrate per-session or pseudo-per-request tokens into HTML.
Nondeterministic pauses in traditional garbage collection (GC) have inhibited Java technology from being a suitable environment for real-time (RT) development. Metronome GC -- part of IBM WebSphere Real Time -- provides deterministic GC behavior that, when combined with other features, enables developers to write hard RT applications in the Java language. The authors describe the approach that Metronome uses for deterministic GC, technical issues involved in developing Metronome, and the tools and facilities available for tuning GC.