Direct Object References
This simple web application shows how the OWASP Enterprise Security API can mask direct references and hide them behind unpredictable indirect references.
Direct Download
The following file references are direct references using the file name and will not work since this is not a valid entry in the reference map.