Making database for each user (no sharing between each other)

2017-04-15 18:11:55 +02:00 · 2017-04-15 18:11:55 +02:00 · 213e73bf02
commit 213e73bf02
parent 7ff5503241
2 changed files with 3 additions and 6 deletions
--- a/webgoat-container/src/main/java/org/owasp/webgoat/session/DatabaseUtilities.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/session/DatabaseUtilities.java
@ -7,8 +7,6 @@ import java.sql.SQLException;
 import java.util.HashMap;
 import java.util.Map;
 import org.springframework.beans.factory.annotation.Autowired;
 /**
 *************************************************************************************************
@ -39,6 +37,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 * @author Jeff Williams <a href="http://www.aspectsecurity.com">Aspect Security</a>
 * @version $Id: $Id
 */
 //TODO: class we need to refactor to new structure, we can put the connection in the current session of the user
 public class DatabaseUtilities
 {
@ -122,7 +121,7 @@ public class DatabaseUtilities
 	private static Connection getHsqldbConnection(String user, WebgoatContext context) throws ClassNotFoundException,
 			SQLException
 	{
-		String url = context.getDatabaseConnectionString().replaceAll("\\$\\{USER\\}", user);
+		String url = context.getDatabaseConnectionString().replace("{USER}", user);
 		return DriverManager.getConnection(url, "sa", "");
 	}
--- a/webgoat-container/src/main/resources/application.properties
+++ b/webgoat-container/src/main/resources/application.properties
@ -26,9 +26,7 @@ webgoat.emaillist=owasp-webgoat@lists.owasp.org
 webgoat.feedback.address=webgoat@owasp.org
 webgoat.feedback.address.html=<A HREF=mailto:webgoat@owasp.org>webgoat@owasp.org</A>
 webgoat.database.driver=org.hsqldb.jdbcDriver
-webgoat.database.connection.string=jdbc:hsqldb:mem:test
+webgoat.database.connection.string=jdbc:hsqldb:mem:{USER}
 # TODO_NB
 #webgoat.database.connection.string=jdbc:hsqldb:mem:${USER}
 webgoat.default.language=en