Clean up in pom files
This commit is contained in:
Nanne Baars
Nanne Baars
parent
ee0988effe
commit
216b29fca2
42
README.MD
42
README.MD
@ -97,27 +97,10 @@ To change IP address add the following variable to WebGoat/webgoat-container/src
|
||||
server.address=x.x.x.x
|
||||
```
|
||||
|
||||
# Vagrant
|
||||
|
||||
We supply a complete environment using Vagrant, to run WebGoat with Vagrant you must first have Vagrant and Virtualbox installed.
|
||||
|
||||
```shell
|
||||
$ cd WebGoat/webgoat-images/vagrant-training
|
||||
$ vagrant up
|
||||
```
|
||||
|
||||
Once the provisioning is complete login to the Virtualbox with username vagrant and password vagrant.
|
||||
WebGoat and WebWolf will automatically start when you login to this image.
|
||||
|
||||
|
||||
# Building a new Docker image
|
||||
|
||||
NOTE: Travis will create a new Docker image automatically when making a new release.
|
||||
|
||||
WebGoat now has Docker support for x86 and ARM (raspberry pi).
|
||||
### Docker on x86
|
||||
On x86 you can build a container with the following commands:
|
||||
|
||||
```Shell
|
||||
cd WebGoat/
|
||||
mvn install
|
||||
@ -128,31 +111,6 @@ docker login
|
||||
docker push webgoat/webgoat-8.0
|
||||
```
|
||||
|
||||
### Docker on ARM (Raspberry Pi)
|
||||
On a Raspberry Pi (it has yet been tested with a Raspberry Pi 3 and the hypriot Docker image) you need to build JFFI for
|
||||
ARM first. This is needed by the docker-maven-plugin ([see here](https://github.com/spotify/docker-maven-plugin/issues/233)):
|
||||
|
||||
```Shell
|
||||
sudo apt-get install build-essential
|
||||
git clone https://github.com/jnr/jffi.git
|
||||
cd jffi
|
||||
ant jar
|
||||
cd build/jni
|
||||
sudo cp libjffi-1.2.so /usr/lib
|
||||
```
|
||||
|
||||
When you have done this you can build the Docker container using the following commands:
|
||||
|
||||
```Shell
|
||||
cd WebGoat/
|
||||
mvn install
|
||||
cd webgoat-server
|
||||
mvn docker:build -Drpi=true
|
||||
docker tag webgoat/webgoat-8.0 webgoat/webgoat-8.0:8.0
|
||||
docker login
|
||||
docker push webgoat/webgoat-8.0
|
||||
```
|
||||
|
||||
# Run Instructions:
|
||||
|
||||
Once installed connect to http://localhost:8080/WebGoat and http://localhost:9090/WebWolf
|
||||
|
||||
95
pom.xml
95
pom.xml
@ -21,7 +21,7 @@
|
||||
<parent>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-parent</artifactId>
|
||||
<version>1.5.18.RELEASE</version>
|
||||
<version>1.5.21.RELEASE</version>
|
||||
</parent>
|
||||
|
||||
<licenses>
|
||||
@ -116,46 +116,19 @@
|
||||
|
||||
<!-- Shared properties with plugins and version numbers across submodules-->
|
||||
<activation.version>1.1.1</activation.version>
|
||||
<axis-ant.version>1.4</axis-ant.version>
|
||||
<axis-jaxrpc.version>1.4</axis-jaxrpc.version>
|
||||
<axis-saaj.version>1.4</axis-saaj.version>
|
||||
<axis.version>1.4</axis.version>
|
||||
<build-helper-maven-plugin.version>1.9.1</build-helper-maven-plugin.version>
|
||||
<cobertura-maven-plugin.version>2.7</cobertura-maven-plugin.version>
|
||||
<commons-collections.version>3.2.1</commons-collections.version>
|
||||
<commons-digester.version>2.1</commons-digester.version>
|
||||
<commons-discovery.version>0.5</commons-discovery.version>
|
||||
<commons-fileupload.version>1.3.1</commons-fileupload.version>
|
||||
<commons-io.version>2.6</commons-io.version>
|
||||
<commons-lang3.version>3.4</commons-lang3.version>
|
||||
<coveralls-maven-plugin.version>4.0.0</coveralls-maven-plugin.version>
|
||||
<gatling.version>2.2.5</gatling.version>
|
||||
<gatling-plugin.version>2.2.4</gatling-plugin.version>
|
||||
<commons-io.version>2.6</commons-io.version>
|
||||
<guava.version>18.0</guava.version>
|
||||
<h2.version>1.4.190</h2.version>
|
||||
<hsqldb.version>2.3.4</hsqldb.version>
|
||||
<j2h.version>1.3.1</j2h.version>
|
||||
<jackson-core.version>2.6.3</jackson-core.version>
|
||||
<jackson-databind.version>2.6.3</jackson-databind.version>
|
||||
<javaee-api.version>6.0</javaee-api.version>
|
||||
<javax.transaction-api.version>1.3</javax.transaction-api.version>
|
||||
<jcl-over-slf4j.version>1.7.12</jcl-over-slf4j.version>
|
||||
<jtds.version>1.3.1</jtds.version>
|
||||
<junit.version>4.12</junit.version>
|
||||
<lombok.version>1.18.4</lombok.version>
|
||||
<mail-api.version>1.5.4</mail-api.version>
|
||||
<maven-compiler-plugin.version>3.8.0</maven-compiler-plugin.version>
|
||||
<maven-failsafe-plugin.version>2.22.0</maven-failsafe-plugin.version>
|
||||
<maven-gpg-plugin.version>1.6</maven-gpg-plugin.version>
|
||||
<maven-jar-plugin.version>3.1.1</maven-jar-plugin.version>
|
||||
<maven-javadoc-plugin.version>2.10.4</maven-javadoc-plugin.version>
|
||||
<maven-release-plugin.version>2.5.2</maven-release-plugin.version>
|
||||
<maven-source-plugin.version>3.0.1</maven-source-plugin.version>
|
||||
<maven-jar-plugin.version>3.1.2</maven-jar-plugin.version>
|
||||
<maven-javadoc-plugin.version>3.1.1</maven-javadoc-plugin.version>
|
||||
<maven-source-plugin.version>3.1.0</maven-source-plugin.version>
|
||||
<maven-surefire-plugin.version>2.22.0</maven-surefire-plugin.version>
|
||||
<nexus-staging-maven-plugin.version>1.6.6</nexus-staging-maven-plugin.version>
|
||||
<scala.version>2.11.7</scala.version>
|
||||
<sauce_junit.version>2.1.20</sauce_junit.version>
|
||||
<selenium-java.version>2.48.2</selenium-java.version>
|
||||
<spring.security.version>3.2.4.RELEASE</spring.security.version>
|
||||
</properties>
|
||||
|
||||
@ -166,32 +139,6 @@
|
||||
<module>webwolf</module>
|
||||
</modules>
|
||||
|
||||
<distributionManagement>
|
||||
<snapshotRepository>
|
||||
<id>ossrh</id>
|
||||
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
|
||||
</snapshotRepository>
|
||||
<repository>
|
||||
<id>ossrh</id>
|
||||
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
|
||||
</repository>
|
||||
</distributionManagement>
|
||||
|
||||
<pluginRepositories>
|
||||
<pluginRepository>
|
||||
<id>apache.snapshots</id>
|
||||
<url>http://repository.apache.org/snapshots/</url>
|
||||
<!-- The releases element here is due to an issue in Maven 2.0 that will be
|
||||
fixed in future releases. This should be able to be disabled altogether. -->
|
||||
<releases>
|
||||
<updatePolicy>daily</updatePolicy>
|
||||
</releases>
|
||||
<snapshots>
|
||||
<updatePolicy>daily</updatePolicy>
|
||||
</snapshots>
|
||||
</pluginRepository>
|
||||
</pluginRepositories>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.projectlombok</groupId>
|
||||
@ -224,38 +171,6 @@
|
||||
<encoding>UTF-8</encoding>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-release-plugin</artifactId>
|
||||
<version>${maven-release-plugin.version}</version>
|
||||
<configuration>
|
||||
<autoVersionSubmodules>true</autoVersionSubmodules>
|
||||
<useReleaseProfile>false</useReleaseProfile>
|
||||
<releaseProfiles>release</releaseProfiles>
|
||||
<tagNameFormat>@{project.version}</tagNameFormat>
|
||||
<goals>deploy</goals>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.eluder.coveralls</groupId>
|
||||
<artifactId>coveralls-maven-plugin</artifactId>
|
||||
<version>${coveralls-maven-plugin.version}</version>
|
||||
<configuration>
|
||||
<repoToken/>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.codehaus.mojo</groupId>
|
||||
<artifactId>cobertura-maven-plugin</artifactId>
|
||||
<version>${cobertura-maven-plugin.version}</version>
|
||||
<configuration>
|
||||
<check/>
|
||||
<format>xml</format>
|
||||
<maxmem>256m</maxmem>
|
||||
<!-- aggregated reports for multi-module projects -->
|
||||
<aggregate>true</aggregate>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
|
||||
@ -13,29 +13,6 @@
|
||||
<version>v8.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>performance</id>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>io.gatling</groupId>
|
||||
<artifactId>gatling-maven-plugin</artifactId>
|
||||
<version>${gatling-plugin.version}</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<goals>
|
||||
<goal>execute</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
|
||||
</profiles>
|
||||
|
||||
<build>
|
||||
<resources>
|
||||
<resource>
|
||||
@ -69,7 +46,11 @@
|
||||
<artifactId>maven-surefire-plugin</artifactId>
|
||||
<version>${maven-surefire-plugin.version}</version>
|
||||
<configuration>
|
||||
<forkMode>never</forkMode>
|
||||
<forkCount>0</forkCount>
|
||||
<reuseForks>true</reuseForks>
|
||||
<argLine>
|
||||
--illegal-access=permit
|
||||
</argLine>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
@ -89,12 +70,23 @@
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.datatype</groupId>
|
||||
<artifactId>jackson-datatype-jsr310</artifactId>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-undertow</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-web</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-tomcat</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.activation</groupId>
|
||||
<artifactId>activation</artifactId>
|
||||
<version>${activation.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
@ -119,14 +111,6 @@
|
||||
<artifactId>guava</artifactId>
|
||||
<version>${guava.version}</version>
|
||||
</dependency>
|
||||
|
||||
|
||||
<dependency>
|
||||
<groupId>io.gatling.highcharts</groupId>
|
||||
<artifactId>gatling-charts-highcharts</artifactId>
|
||||
<version>${gatling.version}</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-security</artifactId>
|
||||
@ -140,28 +124,11 @@
|
||||
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
|
||||
<version>2.1.2.RELEASE</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.activation</groupId>
|
||||
<artifactId>activation</artifactId>
|
||||
<version>${activation.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.hsqldb</groupId>
|
||||
<artifactId>hsqldb</artifactId>
|
||||
<version>${hsqldb.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.transaction</groupId>
|
||||
<artifactId>javax.transaction-api</artifactId>
|
||||
<version>${javax.transaction-api.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.scala-lang</groupId>
|
||||
<artifactId>scala-compiler</artifactId>
|
||||
<version>${scala.version}</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
|
||||
<!-- ************* END spring MVC and related dependencies ************** -->
|
||||
<!-- ************* START: Dependencies for Unit and Integration Testing ************** -->
|
||||
|
||||
@ -44,9 +44,9 @@ import org.thymeleaf.resourceresolver.IResourceResolver;
|
||||
import org.thymeleaf.templateresolver.TemplateResolver;
|
||||
|
||||
import java.io.*;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.Map;
|
||||
|
||||
import static org.apache.commons.lang3.CharEncoding.UTF_8;
|
||||
import static org.asciidoctor.Asciidoctor.Factory.create;
|
||||
|
||||
/**
|
||||
@ -92,7 +92,7 @@ public class AsciiDoctorTemplateResolver extends TemplateResolver {
|
||||
extensionRegistry.inlineMacro("webGoatVersion", WebGoatVersionMacro.class);
|
||||
|
||||
asciidoctor.convert(new InputStreamReader(is), writer, createAttributes());
|
||||
return new ByteArrayInputStream(writer.getBuffer().toString().getBytes(UTF_8));
|
||||
return new ByteArrayInputStream(writer.getBuffer().toString().getBytes(StandardCharsets.UTF_8));
|
||||
}
|
||||
} catch (IOException e) {
|
||||
//no html yet
|
||||
|
||||
@ -31,7 +31,6 @@
|
||||
package org.owasp.webgoat;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.catalina.Context;
|
||||
import org.owasp.webgoat.plugins.PluginEndpointPublisher;
|
||||
import org.owasp.webgoat.plugins.PluginsLoader;
|
||||
import org.owasp.webgoat.session.Course;
|
||||
@ -42,9 +41,6 @@ import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.builder.SpringApplicationBuilder;
|
||||
import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
|
||||
import org.springframework.boot.context.embedded.tomcat.TomcatContextCustomizer;
|
||||
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
|
||||
import org.springframework.boot.web.support.SpringBootServletInitializer;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
@ -53,7 +49,6 @@ import org.springframework.context.annotation.ScopedProxyMode;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import java.io.File;
|
||||
import java.util.Arrays;
|
||||
|
||||
@SpringBootApplication
|
||||
@Slf4j
|
||||
@ -99,20 +94,4 @@ public class WebGoat extends SpringBootServletInitializer {
|
||||
public RestTemplate restTemplate() {
|
||||
return new RestTemplate();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public EmbeddedServletContainerFactory servletContainer() {
|
||||
TomcatEmbeddedServletContainerFactory factory = new TomcatEmbeddedServletContainerFactory();
|
||||
factory.setTomcatContextCustomizers(Arrays.asList(new CustomCustomizer()));
|
||||
return factory;
|
||||
}
|
||||
|
||||
static class CustomCustomizer implements TomcatContextCustomizer {
|
||||
@Override
|
||||
public void customize(Context context) {
|
||||
context.setUseHttpOnly(false);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -58,8 +58,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry security = http
|
||||
.authorizeRequests()
|
||||
.antMatchers("/css/**", "/images/**", "/js/**", "fonts/**", "/plugins/**", "/registration", "/register.mvc").permitAll()
|
||||
.antMatchers("/servlet/AdminServlet/**").hasAnyRole("WEBGOAT_ADMIN", "SERVER_ADMIN") //
|
||||
.antMatchers("/JavaSource/**").hasRole("SERVER_ADMIN") //
|
||||
.anyRequest().authenticated();
|
||||
security.and()
|
||||
.formLogin()
|
||||
|
||||
@ -25,6 +25,7 @@
|
||||
|
||||
package org.owasp.webgoat.assignments;
|
||||
|
||||
import com.google.common.base.Strings;
|
||||
import lombok.Getter;
|
||||
import org.apache.commons.lang3.StringEscapeUtils;
|
||||
import org.owasp.webgoat.i18n.PluginMessages;
|
||||
|
||||
@ -17,7 +17,6 @@ spring.jpa.hibernate.ddl-auto=update
|
||||
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.HSQLDialect
|
||||
spring.datasource.driver-class-name=org.hsqldb.jdbc.JDBCDriver
|
||||
|
||||
|
||||
logging.level.org.springframework=INFO
|
||||
logging.level.org.springframework.boot.devtools=INFO
|
||||
logging.level.org.owasp=DEBUG
|
||||
|
||||
@ -1,27 +0,0 @@
|
||||
import io.gatling.core.Predef._
|
||||
import io.gatling.http.Predef._
|
||||
import org.apache.commons.lang3.RandomStringUtils
|
||||
|
||||
import scala.concurrent.duration._
|
||||
|
||||
class BasicSimulation extends Simulation {
|
||||
|
||||
val httpConf = http
|
||||
.baseURL("http://localhost:8080/WebGoat/") // Here is the root for all relative URLs
|
||||
.userAgentHeader("Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:16.0) Gecko/20100101 Firefox/16.0")
|
||||
|
||||
val scn = scenario("Register and automatic login").
|
||||
exec(session =>
|
||||
session.setAll(("username", RandomStringUtils.randomAlphabetic(10)))
|
||||
)
|
||||
.exec(
|
||||
http("Test")
|
||||
.post("register.mvc")
|
||||
.formParam("username", "${username}")
|
||||
.formParam("password", "${username}")
|
||||
.formParam("matchingPassword", "${username}")
|
||||
.formParam("agree", "agree")
|
||||
)
|
||||
|
||||
setUp(scn.inject(atOnceUsers(100)).protocols(httpConf))
|
||||
}
|
||||
@ -21,7 +21,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
public class BypassRestrictionsFrontendValidationTest extends LessonTest {
|
||||
|
||||
@Before
|
||||
public void setup() throws Exception {
|
||||
public void setup() {
|
||||
when(webSession.getCurrentLesson()).thenReturn(new BypassRestrictions());
|
||||
this.mockMvc = MockMvcBuilders.webAppContextSetup(this.wac).build();
|
||||
}
|
||||
|
||||
@ -8,6 +8,14 @@
|
||||
<artifactId>webgoat-lessons-parent</artifactId>
|
||||
<version>v8.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<!-- jsoup HTML parser library @ https://jsoup.org/ -->
|
||||
<groupId>org.jsoup</groupId>
|
||||
<artifactId>jsoup</artifactId>
|
||||
<version>1.11.3</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
|
||||
@ -32,10 +32,8 @@
|
||||
package org.owasp.webgoat.plugin;
|
||||
|
||||
import com.beust.jcommander.internal.Lists;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import com.google.common.collect.EvictingQueue;
|
||||
import com.google.common.collect.Maps;
|
||||
import org.apache.catalina.servlet4preview.http.HttpServletRequest;
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.format.DateTimeFormat;
|
||||
import org.joda.time.format.DateTimeFormatter;
|
||||
@ -46,11 +44,11 @@ import org.owasp.webgoat.assignments.AttackResult;
|
||||
import org.owasp.webgoat.session.WebSession;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.io.IOException;
|
||||
import java.util.Collection;
|
||||
import java.util.Map;
|
||||
|
||||
@ -84,7 +84,7 @@ public class JWTFinalEndpoint extends AssignmentEndpoint {
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}).parse(token);
|
||||
}).parseClaimsJws(token);
|
||||
if (errorMessage[0] != null) {
|
||||
return trackProgress(failed().output(errorMessage[0]).build());
|
||||
}
|
||||
|
||||
@ -59,4 +59,13 @@ public class JWTFinalEndpointTest extends LessonTest {
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("jwt-final-jerry-account"))));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldNotBeAbleToBypassWithSimpleToken() throws Exception {
|
||||
mockMvc.perform(MockMvcRequestBuilders.post("/JWT/final/delete")
|
||||
.param("token", ".eyJ1c2VybmFtZSI6IlRvbSJ9.")
|
||||
.content(""))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("jwt-invalid-token"))));
|
||||
}
|
||||
}
|
||||
@ -32,7 +32,7 @@
|
||||
<module>vulnerable-components</module>
|
||||
<module>webgoat-introduction</module>
|
||||
<module>webwolf-introduction</module>
|
||||
<module>auth-bypass</module>
|
||||
<module>auth-bypass</module>
|
||||
<module>missing-function-ac</module>
|
||||
<module>csrf</module>
|
||||
<module>password-reset</module>
|
||||
@ -67,7 +67,6 @@
|
||||
<dependency>
|
||||
<groupId>org.mockito</groupId>
|
||||
<artifactId>mockito-core</artifactId>
|
||||
<version>1.10.19</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@ -97,12 +96,6 @@
|
||||
<artifactId>xstream</artifactId>
|
||||
<version>1.4.7</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<!-- jsoup HTML parser library @ https://jsoup.org/ -->
|
||||
<groupId>org.jsoup</groupId>
|
||||
<artifactId>jsoup</artifactId>
|
||||
<version>1.11.3</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<dependencyManagement>
|
||||
<dependencies>
|
||||
@ -118,28 +111,25 @@
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-dependency-plugin</artifactId>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>copy-artifact-src</id>
|
||||
<phase>package</phase>
|
||||
<goals>
|
||||
<goal>copy</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<overWriteIfNewer>true</overWriteIfNewer>
|
||||
<artifactItems>
|
||||
<artifactItem>
|
||||
<groupId>${project.groupId}</groupId>
|
||||
<artifactId>${project.artifactId}</artifactId>
|
||||
<version>${project.version}</version>
|
||||
<type>${project.packaging}</type>
|
||||
</artifactItem>
|
||||
</artifactItems>
|
||||
<outputDirectory>${project.basedir}/../webgoat-container/src/main/resources/plugin_lessons</outputDirectory>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
<artifactId>maven-surefire-plugin</artifactId>
|
||||
<version>${maven-surefire-plugin.version}</version>
|
||||
<configuration>
|
||||
<forkCount>0</forkCount>
|
||||
<reuseForks>true</reuseForks>
|
||||
<argLine>
|
||||
--illegal-access=permit
|
||||
</argLine>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-compiler-plugin</artifactId>
|
||||
<version>${maven-compiler-plugin.version}</version>
|
||||
<configuration>
|
||||
<source>11</source>
|
||||
<target>11</target>
|
||||
<encoding>UTF-8</encoding>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
@ -13,83 +13,7 @@
|
||||
<start-class>org.owasp.webgoat.StartWebGoat</start-class>
|
||||
</properties>
|
||||
|
||||
<profiles>
|
||||
<profile>
|
||||
<id>raspberry-pi-3</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>rpi</name>
|
||||
</property>
|
||||
</activation>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>com.spotify</groupId>
|
||||
<artifactId>docker-maven-plugin</artifactId>
|
||||
<version>0.4.10</version>
|
||||
<configuration>
|
||||
<imageName>webgoat/webgoat-8.0</imageName>
|
||||
<dockerDirectory>src/main/docker_rpi3</dockerDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<targetPath>/</targetPath>
|
||||
<directory>${project.build.directory}</directory>
|
||||
<include>${project.build.finalName}.jar</include>
|
||||
</resource>
|
||||
<resource>
|
||||
<targetPath>/</targetPath>
|
||||
<directory>${project.basedir}/../webwolf/target</directory>
|
||||
<include>webwolf-${project.version}.jar</include>
|
||||
</resource>
|
||||
</resources>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>default</id>
|
||||
<activation>
|
||||
<property>
|
||||
<name>!rpi</name>
|
||||
</property>
|
||||
</activation>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>com.spotify</groupId>
|
||||
<artifactId>docker-maven-plugin</artifactId>
|
||||
<version>0.4.10</version>
|
||||
<configuration>
|
||||
<imageName>webgoat/webgoat-8.0</imageName>
|
||||
<dockerDirectory>${project.basedir}</dockerDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<targetPath>/</targetPath>
|
||||
<directory>${project.build.directory}</directory>
|
||||
<include>${project.build.finalName}.jar</include>
|
||||
</resource>
|
||||
<resource>
|
||||
<targetPath>/</targetPath>
|
||||
<directory>${project.basedir}/../webwolf/target</directory>
|
||||
<include>webwolf-${project.version}.jar</include>
|
||||
</resource>
|
||||
</resources>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</profile>
|
||||
</profiles>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.spotify</groupId>
|
||||
<artifactId>docker-maven-plugin</artifactId>
|
||||
<version>0.4.10</version>
|
||||
<scope>test</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.owasp.webgoat</groupId>
|
||||
<artifactId>webgoat-container</artifactId>
|
||||
|
||||
@ -28,10 +28,6 @@
|
||||
<artifactId>commons-io</artifactId>
|
||||
<version>${commons-io.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-cache</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-security</artifactId>
|
||||
@ -114,6 +110,17 @@
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-maven-plugin</artifactId>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-surefire-plugin</artifactId>
|
||||
<version>${maven-surefire-plugin.version}</version>
|
||||
<configuration>
|
||||
<forkMode>never</forkMode>
|
||||
<argLine>
|
||||
--illegal-access=permit
|
||||
</argLine>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user