diff --git a/ webgoat/HOW TO create the WebGoat workspace.txt b/ webgoat/HOW TO create the WebGoat workspace.txt new file mode 100644 index 000000000..99043e5f9 --- /dev/null +++ b/ webgoat/HOW TO create the WebGoat workspace.txt @@ -0,0 +1,166 @@ +*************************************** + +Eclipse startup and dependency removal + +*************************************** + +Change paths in eclipse.bat to reflect your environment + + edit /eclipse.bat + Change JAVAHOME to directory where java is installed. + ex: This may be .\java or "C:\Program Files\Java\jdk1.5.0_08" + + Change ECLIPSE_HOME to directory where eclipse is installed + ex: This may be .\eclipse or "C:\Program Files\eclipse" + Note: WebGoat requires eclipse with WTP project + + +Run eclipse using the eclipse.bat file + + located at /eclipse.bat + +Remove eclipse dependencies + + Delete all files and directories beginning + with a period. ex) .settings, .project, etc... + Note: These files probably do not exist unless you have + previously tried to build a WebGoat eclipse project + + +Eclipse will start up in the default state +Click arrow at top right to load the eclipse workbench + + +*************************************** + +Verify tomcat directory is read/write access + +*************************************** + +*************************************** + +Initial Setup of Development Enviroment + +*************************************** + +Step 1) Add the WebGoat JDK + +window->preferences-> + java->installed JREs + + add + Name: WebGoat JDK 1.5 + Directory: java + OK + + select new JDK as default + remove previous JDK if exists + OK + +window->preferences + server->Installed Runtime + + ADD + apache + tomcat v5.5 + NEXT + directory: use browse button to locate /tomcat (e.g. C:\P4\BUILD\depot\WebGoat\J2EE\main\tomcat) + JRE: WebGoat JDK 1.5 + FINISH + select apache tomcat v5.5 as default + OK + +window->open perspective + other + J2EE + +in Project Explorer + right click->New->New Dynamic Web Project + + Name: WebGoat + Deselect "use default" + Browse to /project (e.g. C:\P4\BUILD\depot\WebGoat\J2EE\main\project) + NEXT + NEXT + change Java Source Directory: JavaSource + FINISH + Click "I Agree" if dialog appears (will appear after build completes) + +From "Servers" View - Should be in bottom view + right click->New->Server (Tomcat 5.5 should be default selected) + NEXT + select WebGoat + ADD + FINISH + +From a Windows file explorer window + Copy the .keystore to eclipse workspace directory + \J2EE\main\workspace\.metadata\.plugins\org.eclipse.wst.server.core\tmp0\.keystore + +From Servers view + + double click Tomcat v 5.5 Server @ locahost + +in "Server Overview" window + + Uncheck "Run modules directly from the workspace" + SAVE (ctrl-s) + + +Rename the web.xml file: + + a. Delete the web.xml file located at + /project/WebContent/WEB-INF/web.xml + + b. Copy the appropriate web-*.xml as the new web.xml + + Windows: + + copy /project/WebContent/WEB-INF/web-windows.xml to + /project/WebContent/WEB-INF/web.xml + + + Unix: + + copy /project/WebContent/WEB-INF/web-unix.xml to + /project/WebContent/WEB-INF/web.xml + + +Right click on Tomcat v5.5 Sever@localhost ->Start + +Browse to http://localhost/WebGoat/attack + + +*************************************** + +Deploying to Tomcat + +*************************************** + +From Servers view + + double click Tomcat v 5.5 Server @ locahost + +in "Server Overview" window + + Uncheck "Run modules directly from the workspace" + SAVE (ctrl-s) + +From Servers view + + right click->Publish + +Using file system + copy JavaSource directory into /webapps/WebGoat/ + + +*************************************** + +Configuring Webgoat.properties for +your environment. + i.e. How to manage the menus + +*************************************** + +Edit /project/WebContent/WEB-INF/webgoat.properties + - Turn off/on the desired lessons