...
http://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/owasp/esapi/AccessController.html
Learn More:
‒OWASP Top 10-2007 on Insecure Direct Object References
http://www.owasp.org/index.php/Top_10_2007-Insecure_Direct_Object_Reference
‒ESAPI Access Reference Map
‒ESAPI Access Control API (See isAuthorizedForData(), isAuthorizedForFile(), isAuthorizedForFunction())
‒CWE Entry 639 on Insecure Direct Object Reference
http://cwe.mitre.org/data/definitions/639.html
‒CWE Entry 22 on Path Traversal (an example of a Direct Object Reference attack)