Provide page on Java security libraries

[jgadsden]

Summary :

Adds page for the OWASP Java security libraries:

• OWASP Java Encoder project
• OWASP Java HTML Sanitizer project
• OWASP JSON Sanitizer project

Description for the changelog :

Add Java security libraries

Declaration:

Thanks for submitting a pull request, please make sure:

• content meets the license for this project
• you have read the contribution guide and agree to the Code of Conduct
• either no AI-generated content has been used in this pull request
• or any use of AI in this pull request has been disclosed below:
  • AI Tools: [e.g. GitHub CoPilot, ChatGPT, JetBrains Junie, etc]
  • LLMs and versions: [e.g. GPT-4.1, Claude Haiku 4.5, Gemini 2.5 Pro, etc]
  • Prompts: [Summarize the key prompts or instructions given to the AI tools]

Other info :

Closes #181

[grimley517]

This seems to be housekeeping rather than a page addition

[jgadsden]

yes, good point @grimley517 , I am still working on the actual content, just rather slowly

[jgadsden]

did you mind reviewing this @grimley517 ? Much appreciated if you wanted to, as you showed interest

[kwwall]

@jgadsden - So, a bit late to the party (my apologies; I get flooded with git notifications so am way behind,), but I had a question.

Are these Java security libraries supposed to be limited to OWASP libraries or to any security library? Because if it is any security library, I'd recommend Spring Security library, Apache Shiro, and Google Tink (for Java). And if it's meant to only be OWASP libraries, what about OWASP AntiSamy and OWASP ESAPI? I know; I might be a little biased on ESAPI, but it has much that these others don't offer such as validation, safe logging, etc. Long ago, I wrote "Should I use ESAPI?". I think it is worth a read, at least to see what Java security libraries I recommended to see that my bias is too unreasonable.

Best regards!