diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java b/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java index b537389d9..7c5ef1213 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java @@ -36,10 +36,7 @@ import org.owasp.webgoat.plugins.PluginClassLoader; import org.owasp.webgoat.plugins.PluginEndpointPublisher; import org.owasp.webgoat.plugins.PluginsExtractor; import org.owasp.webgoat.plugins.PluginsLoader; -import org.owasp.webgoat.session.Course; -import org.owasp.webgoat.session.UserTracker; -import org.owasp.webgoat.session.WebSession; -import org.owasp.webgoat.session.WebgoatContext; +import org.owasp.webgoat.session.*; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.SpringApplication; @@ -87,6 +84,12 @@ public class WebGoat extends SpringBootServletInitializer { return new WebSession(webgoatContext); } + @Bean + @Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS) + public UserSessionData userSessionData() { + return new UserSessionData("test","data"); + } + @Bean public PluginEndpointPublisher pluginEndpointPublisher(ApplicationContext applicationContext) { return new PluginEndpointPublisher(applicationContext); diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/endpoints/AssignmentEndpoint.java b/webgoat-container/src/main/java/org/owasp/webgoat/endpoints/AssignmentEndpoint.java index b1cbd9544..d26b3a199 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/endpoints/AssignmentEndpoint.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/endpoints/AssignmentEndpoint.java @@ -26,6 +26,7 @@ package org.owasp.webgoat.endpoints; import org.owasp.webgoat.lessons.AttackResult; +import org.owasp.webgoat.session.UserSessionData; import org.owasp.webgoat.session.UserTracker; import org.owasp.webgoat.session.WebSession; import org.springframework.beans.factory.annotation.Autowired; @@ -47,6 +48,8 @@ public abstract class AssignmentEndpoint extends Endpoint { private UserTracker userTracker; @Autowired private WebSession webSession; + @Autowired + private UserSessionData userSessionData; //// TODO: 11/13/2016 events better fit? @@ -63,6 +66,10 @@ public abstract class AssignmentEndpoint extends Endpoint { return webSession; } + protected UserSessionData getUserSessionData() { + return userSessionData; + } + @Override public final String getPath() { return this.getClass().getAnnotationsByType(Path.class)[0].value(); diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/session/UserSessionData.java b/webgoat-container/src/main/java/org/owasp/webgoat/session/UserSessionData.java new file mode 100644 index 000000000..bed4b2b94 --- /dev/null +++ b/webgoat-container/src/main/java/org/owasp/webgoat/session/UserSessionData.java @@ -0,0 +1,32 @@ +package org.owasp.webgoat.session; + +import java.util.HashMap; + +/** + * Created by jason on 1/4/17. + */ +public class UserSessionData { + + private HashMap userSessionData = new HashMap<>(); + + public UserSessionData() { + } + + public UserSessionData(String key, String value) { + setValue(key,value); + } + + //GETTERS & SETTERS + public String getValue(String key) { + return userSessionData.get(key); + } + + public void setValue(String key, String value) { + if (userSessionData.containsKey(key)) { + userSessionData.replace(key,value); + } else { + userSessionData.put(key,value); + } + } + +}