Move database specific items into WebgoatContext

Update DatabaseUtilities to use a webgoatContext to create a Connection


git-svn-id: http://webgoat.googlecode.com/svn/trunk@138 4033779f-a91e-0410-96ef-6bf7bf53c507

webgoat/main/project/JavaSource/org/owasp/webgoat/session/DatabaseUtilities.java

@@ -63,14 +63,20 @@ public class DatabaseUtilities
     public static Connection makeConnection(WebSession s)
 	    throws ClassNotFoundException, SQLException
     {
-	Class.forName(s.getWebgoatContext().getDatabaseDriver());
+    	return makeConnection(s.getWebgoatContext());
+    }
     
-	String password = s.getWebgoatContext().getDatabasePassword();
+    public static Connection makeConnection(WebgoatContext context)
-	String conn = s.getWebgoatContext().getDatabaseConnectionString();
+    	throws ClassNotFoundException, SQLException
+    {
+	Class.forName(context.getDatabaseDriver());
+
+	String password = context.getDatabasePassword();
+	String conn = context.getDatabaseConnectionString();
 	if (password == null || password.equals("")) {
 		return (DriverManager.getConnection(conn));
 	} else {
-		String user = s.getWebgoatContext().getDatabaseUser();
+		String user = context.getDatabaseUser();
 		return DriverManager.getConnection(conn, user, password);
 	}
     }

webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java

@@ -193,8 +193,6 @@ public class WebSession
 
 	private int previousScreen = ERROR;
 
-	private static boolean databaseBuilt = false;
-
 	private static Connection connection = null;
 
 	private int hintNum = -1;
@@ -264,16 +262,6 @@ public class WebSession
 		this.context = context;
 		course = new Course();
 		course.loadCourses( enterprise, context, "/" );
-
-		// FIXME: hack to save context for web service calls
-		DatabaseUtilities.servletContextRealPath = context.getRealPath("/");
-		System.out.println("Context Path: " + DatabaseUtilities.servletContextRealPath);
-		// FIXME: need to solve concurrency problem here -- make tables for this user
-		if ( !databaseBuilt )
-		{
-			new RefreshDBScreen().refreshDB( this );
-			databaseBuilt = true;
-		}
 	}
 
 	public static synchronized Connection getConnection(WebSession s) 

webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebgoatContext.java

@@ -1,7 +1,11 @@
 package org.owasp.webgoat.session;
 
+import java.sql.Connection;
+
 import javax.servlet.http.HttpServlet;
 
+import org.owasp.webgoat.lessons.admin.RefreshDBScreen;
+
 public class WebgoatContext {
 
 	public final static String DATABASE_CONNECTION_STRING = "DatabaseConnectionString";
@@ -12,6 +16,8 @@ public class WebgoatContext {
 
 	public final static String DATABASE_PASSWORD = "DatabasePassword";
 
+	private static boolean databaseBuilt = false;
+	
 	private String databaseConnectionString;
 
 	private String realConnectionString = null;
@@ -31,6 +37,22 @@ public class WebgoatContext {
 		databaseDriver = servlet.getInitParameter(DATABASE_DRIVER);
 		databaseUser = servlet.getInitParameter(DATABASE_USER);
 		databasePassword = servlet.getInitParameter(DATABASE_PASSWORD);
+		
+		// FIXME: hack to save context for web service calls
+		DatabaseUtilities.servletContextRealPath = servlet.getServletContext().getRealPath("/");
+		System.out.println("Context Path: " + DatabaseUtilities.servletContextRealPath);
+		// FIXME: need to solve concurrency problem here -- make tables for this user
+		if ( !databaseBuilt ) {
+			try {
+				Connection conn = DatabaseUtilities.makeConnection(this);
+				new CreateDB().makeDB(conn);
+				conn.close();
+				databaseBuilt = true;
+			} catch (Exception e) {
+				e.printStackTrace();
+			}
+		}
+
 	}
 
 	/**