Move the default property names and values out of a reference implementation class #620

@kwwall

All (well, most, at least) of the ESAPI property names defined in ESAPI.properties are defined in the reference implementation class org.owasp.esapi.reference.DefaultSecurityConfiguration, which (in hindsight at least) was (how can I say this nicely?) a less than optimal design decision. The property names (and some of the default property values) are defined there as public static final String objects. This then causes one component that wants to use one of the new SecurityConfiguration methods such as getStringProp(String propName) to reference the implementation class org.owasp.esapi.reference.DefaultSecurityConfiguration, leading to undesired tight coupling of implementations across components. This wasn't a problem before we added getStringProp(), getIntProp(), or getBooleanProp(), as each property had a dedicated method, but that in itself soon became unwieldy.

This is a proposal that these public properties get moved elsewhere (proposed: org.owasp.esapi.PropNames) and that we mark the current ones in DefaultSecurityConfiguration as deprecated and schedule them for removal in a future ESAPI release. (Note: This was part of a fork that I was working on privately in BitBucket that a few people reviewed and I mostly plan on stealing from that work.)
