A first attempt at internationalization of WebGoat. For complete internationalization WebGoat needs two things:

1. Every text passage/label that appears in lessons must independent of the current language set for WebGoat. 2. Every lesson plan and solutions must be translated for each supported language. Number 1 is achieved by using webgoat/util/WebgoatI18N.java and by having every output routed through this piece of code. You no longer say hints.add("Lesson Hint 1"); or ....addElement("Shopping Cart")) but you in the lesson you say hints.add(WebGoatI18N.get("Lesson Hint1")) or ....addElement(WebGoatI18N.get("Shopping Cart"). Then WebGoatI18N looks up the corresponding string for the language set as the current lanuage and returns it. Number 2 is achieved by having subdirectories in lesson_plans corresponding to every language. That means, a lesson that has been translated to Spanish and German will be found in lesson_plans/English and lesson_plans/Spanish and lesson_plans/German. This is how WebGoat finds out about available languages: in Course.java in loadResources() it looks for lesson plans. Unlike before, now a lesson plan can be found multiple times in different "language" directories. So for every directory the lesson plan is found in, WebGoat associates this language with the lesson and also lets WebGoatI18N load the appropriate WebGoatLabels_$LANGAUGE$.properties file which contains the translations of labels. So this is what you have to do for a new language: First of all, you have to copy and translate every lesson plan that you need in the new language, and then you also have to create a WebGoatLabels_$LANGUAGE$.properties file with that labels that will be used in these lessons. Atm WebGoat crashes throws an exception when a label is missing but this can be sorted out quickly. git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@389 4033779f-a91e-0410-96ef-6bf7bf53c507
2009-10-26 15:58:15 +00:00
parent 59abed1dde
commit 1dc6c799a7
104 changed files with 1223 additions and 488 deletions
--- a/main/project/JavaSource/org/owasp/webgoat/lessons/WeakAuthenticationCookie.java
+++ b/main/project/JavaSource/org/owasp/webgoat/lessons/WeakAuthenticationCookie.java
@ -18,6 +18,7 @@ import org.apache.ecs.html.TH;
 import org.apache.ecs.html.TR;
 import org.apache.ecs.html.Table;
 import org.owasp.webgoat.session.*;
+import org.owasp.webgoat.util.WebGoatI18N;


 /***************************************************************************************************
@ -103,7 +104,7 @@ public class WeakAuthenticationCookie extends LessonAdapter
 			}
 			else
 			{
-				s.setMessage("Invalid cookie");
+				s.setMessage(WebGoatI18N.get("InvalidCookie"));
 				s.eatCookies();
 			}
 		}
@ -141,14 +142,14 @@ public class WeakAuthenticationCookie extends LessonAdapter
 			if (loginID != "")
 			{
 				Cookie newCookie = new Cookie(AUTHCOOKIE, loginID);
-				s.setMessage("Your identity has been remembered");
+				s.setMessage(WebGoatI18N.get("IdentityRemembered"));
 				s.getResponse().addCookie(newCookie);

 				return (username);
 			}
 			else
 			{
-				s.setMessage("Invalid username and password entered.");
+				s.setMessage(WebGoatI18N.get("InvalidUsernameAndPassword"));
 			}
 		}

@ -168,7 +169,7 @@ public class WeakAuthenticationCookie extends LessonAdapter

 		if (logout)
 		{
-			s.setMessage("Goodbye!  Your password has been forgotten");
+			s.setMessage(WebGoatI18N.get("PasswordForgotten"));
 			s.eatCookies();

 			return (makeLogin(s));
@ -185,7 +186,7 @@ public class WeakAuthenticationCookie extends LessonAdapter
 			if ((user != null) && (user.length() > 0)) { return (makeUser(s, user, "PARAMETERS")); }
 		} catch (Exception e)
 		{
-			s.setMessage("Error generating " + this.getClass().getName());
+			s.setMessage(WebGoatI18N.get("ErrorGenerating") + this.getClass().getName());
 			e.printStackTrace();
 		}

@ -250,27 +251,16 @@ public class WeakAuthenticationCookie extends LessonAdapter
 	protected List<String> getHints(WebSession s)
 	{
 		List<String> hints = new ArrayList<String>();
-		hints.add("The server authenticates the user using a cookie, if you send the right cookie.");
-		hints.add("Is the AuthCookie value guessable knowing the username and password?");
-		hints.add("Add 'AuthCookie=********;' to the Cookie: header using "
-				+ "<A href=\"http://www.owasp.org/development/webscarab\">WebScarab</A>.");
-		hints.add("After logging in as webgoat a cookie is added. 65432ubphcfx<br/>"
-				+ "After logging in as aspect a cookie is added. 65432udfqtb<br/>"
-				+ "Is there anything similar about the cookies and the login names?");
+		hints.add(WebGoatI18N.get("WeakAuthenticationCookieHints1"));
+		hints.add(WebGoatI18N.get("WeakAuthenticationCookieHints2"));
+		hints.add(WebGoatI18N.get("WeakAuthenticationCookieHints3"));
+		hints.add(WebGoatI18N.get("WeakAuthenticationCookieHints4"));
+		
+		
 		return hints;
 	}

-	/**
-	 * Gets the instructions attribute of the WeakAuthenticationCookie object
-	 * 
-	 * @return The instructions value
-	 */
-	public String getInstructions(WebSession s)
-	{
-		String instructions = "Login using the webgoat/webgoat account to see what happens. You may also try aspect/aspect. When you understand the authentication cookie, try changing your identity to alice.";

-		return (instructions);
-	}

 	private final static Integer DEFAULT_RANKING = new Integer(90);

@ -300,7 +290,7 @@ public class WeakAuthenticationCookie extends LessonAdapter
 	{
 		ElementContainer ec = new ElementContainer();

-		ec.addElement(new H1().addElement("Sign In "));
+		ec.addElement(new H1().addElement(WebGoatI18N.get("SignIn")));
 		Table t = new Table().setCellSpacing(0).setCellPadding(2).setBorder(0).setWidth("90%").setAlign("center");

 		if (s.isColor())
@ -310,12 +300,12 @@ public class WeakAuthenticationCookie extends LessonAdapter

 		TR tr = new TR();
 		tr.addElement(new TH()
-				.addElement("Please sign in to your account.  See the OWASP admin if you do not have an account.")
+				.addElement(WebGoatI18N.get("WeakAuthenticationCookiePleaseSignIn"))
 				.setColSpan(2).setAlign("left"));
 		t.addElement(tr);

 		tr = new TR();
-		tr.addElement(new TD().addElement("*Required Fields").setWidth("30%"));
+		tr.addElement(new TD().addElement("*"+WebGoatI18N.get("RequiredFields")).setWidth("30%"));
 		t.addElement(tr);

 		tr = new TR();
@ -324,8 +314,8 @@ public class WeakAuthenticationCookie extends LessonAdapter

 		TR row1 = new TR();
 		TR row2 = new TR();
-		row1.addElement(new TD(new B(new StringElement("*User Name: "))));
-		row2.addElement(new TD(new B(new StringElement("*Password: "))));
+		row1.addElement(new TD(new B(new StringElement("*"+WebGoatI18N.get("UserName")))));
+		row2.addElement(new TD(new B(new StringElement("*"+WebGoatI18N.get("Password")))));

 		Input input1 = new Input(Input.TEXT, USERNAME, "");
 		Input input2 = new Input(Input.PASSWORD, PASSWORD, "");
@ -334,7 +324,7 @@ public class WeakAuthenticationCookie extends LessonAdapter
 		t.addElement(row1);
 		t.addElement(row2);

-		Element b = ECSFactory.makeButton("Login");
+		Element b = ECSFactory.makeButton(WebGoatI18N.get("Login"));
 		t.addElement(new TR(new TD(b)));
 		ec.addElement(t);

@ -357,10 +347,10 @@ public class WeakAuthenticationCookie extends LessonAdapter
 	protected Element makeUser(WebSession s, String user, String method) throws Exception
 	{
 		ElementContainer ec = new ElementContainer();
-		ec.addElement(new P().addElement("Welcome, " + user));
-		ec.addElement(new P().addElement("You have been authenticated with " + method));
-		ec.addElement(new P().addElement(ECSFactory.makeLink("Logout", LOGOUT, true)));
-		ec.addElement(new P().addElement(ECSFactory.makeLink("Refresh", "", "")));
+		ec.addElement(new P().addElement(WebGoatI18N.get("WelcomeUser") + user));
+		ec.addElement(new P().addElement(WebGoatI18N.get("YouHaveBeenAuthenticatedWith") + method));
+		ec.addElement(new P().addElement(ECSFactory.makeLink(WebGoatI18N.get("Logout"), LOGOUT, true)));
+		ec.addElement(new P().addElement(ECSFactory.makeLink(WebGoatI18N.get("Refresh"), "", "")));

 		return (ec);
 	}