diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/HammerHead.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/HammerHead.java
index 51997f810..7792254bd 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/HammerHead.java
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/HammerHead.java
@@ -307,9 +307,6 @@ public class HammerHead extends HttpServlet
s.setHasHackableAdmin( screen.getRole() );
- //More bookkeeping here to see if the user was able to force browse to the
- //config URL.
- s.setHasHackableConfig( s.getRequest().getRequestURI());
lesson.handleRequest( s );
s.setCurrentMenu( lesson.getCategory().getRanking() );
}
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ForcedBrowsing.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ForcedBrowsing.java
index 5bbe60c05..55c2cb258 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ForcedBrowsing.java
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/ForcedBrowsing.java
@@ -6,7 +6,16 @@ import java.util.List;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
+import org.apache.ecs.html.B;
+import org.apache.ecs.html.BR;
+import org.apache.ecs.html.H1;
+import org.apache.ecs.html.Input;
+import org.apache.ecs.html.TD;
+import org.apache.ecs.html.TH;
+import org.apache.ecs.html.TR;
+import org.apache.ecs.html.Table;
+import org.owasp.webgoat.session.ECSFactory;
import org.owasp.webgoat.session.WebSession;
/**
@@ -20,7 +29,7 @@ import org.owasp.webgoat.session.WebSession;
*/
public class ForcedBrowsing extends LessonAdapter
{
-
+ private final static String SUCCEEDED = "succeeded";
/**
* Description of the Method
*
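Review bot: `private final static String SUCCEEDED = "succeeded";` uses a non-canonical modifier order; the conventional form is `private static final String SUCCEEDED = "succeeded";`. A short comment naming what the constant is, e.g. `// name of the request parameter createContent inspects`, would save the reader a trip to the method body.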
@@ -30,9 +39,31 @@ public class ForcedBrowsing extends LessonAdapter
protected Element createContent( WebSession s )
{
ElementContainer ec = new ElementContainer();
-
- if ( s.completedHackableConfig() )
+ String success = new String( s.getParser().getStringParameter( SUCCEEDED, "" ) );
+ if ( success.length()!= 0 && success.equals("yes") )
{
+ ec.addElement( new BR().addElement (new H1().addElement( "Welcome to WebGoat Configuration Page")));
+ ec.addElement( new BR());
+ Table t1 = new Table().setCellSpacing(0).setCellPadding(0).setBorder(0).setWidth("90%").setAlign("center");
+
+ TR tr = new TR();
+ tr.addElement( new TD( new StringElement( "Set Admin Privileges for: " ) ));
+
+ Input input1 = new Input( Input.TEXT, "", "" );
+ tr.addElement( new TD( input1 ) );
+ t1.addElement( tr );
+
+ tr = new TR();
+ tr.addElement( new TD( new StringElement ( "Set Admin Password:" )));
+
+ input1 = new Input( Input.PASSWORD, "", "");
+ tr.addElement( new TD(input1));
+ t1.addElement( tr );
+
+ Element b = ECSFactory.makeButton( "Submit" );
+ t1.addElement( new TR( new TD( b ).setColSpan(2).setAlign("right") ) );
+ ec.addElement(t1);
+
makeSuccess( s );
}
else
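Review bot: The completion check at `String success = new String( s.getParser().getStringParameter( SUCCEEDED, "" ) ); if ( success.length()!= 0 && success.equals("yes") )` keys lesson success on a client-supplied request parameter instead of the server-side session flag the removed completedHackableConfig code recorded, so a request carrying `succeeded=yes` marks the lesson complete without the config page ever being reached; if the intent is to verify that the page was actually visited, the page should set a flag in WebSession and createContent should test that flag. Independently, `new String(...)` copies an immutable String for no reason and the length() test is implied by equals, so the two lines reduce to `if ( "yes".equals( s.getParser().getStringParameter( SUCCEEDED, "" ) ) )`. Both Input fields are created with empty names, so their values would not be addressable on submit; if the page is only a decoy, a comment saying so would stop a later maintainer from "fixing" it. createContent's else branch continues outside the hunk.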
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java
index ec0625ceb..82d146ef9 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java
@@ -226,8 +226,6 @@ public class WebSession
private boolean completedHackableAdmin = false;
- private boolean completedHackableConfig = false;
-
private int currentMenu;
/**
@@ -726,16 +724,6 @@ public class WebSession
return ( completedHackableAdmin );
}
- /**
- * Has the user ever hacked the hackable config URL
- *
- * @return The hackable config value
- */
- public boolean completedHackableConfig()
- {
- return ( completedHackableConfig );
- }
-
/**
* Gets the authenticated attribute of the WebSession object
*
@@ -1114,14 +1102,6 @@ public class WebSession
completedHackableAdmin = true;
}
}
-
- public void setHasHackableConfig ( String url)
- {
- if ( url.indexOf("config") >= 0)
- {
- completedHackableConfig = true;
- }
- }
/**
* @return Returns the isDebug.
diff --git a/ webgoat/main/project/WebContent/WEB-INF/web.xml b/ webgoat/main/project/WebContent/WEB-INF/web.xml
index f595a0d4c..eafb034d3 100644
--- a/ webgoat/main/project/WebContent/WEB-INF/web.xml
+++ b/ webgoat/main/project/WebContent/WEB-INF/web.xml
@@ -124,7 +124,7 @@
DefuseOSCommands
- true
+ false
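Review bot: Flipping `DefuseOSCommands` from `true` to `false` appears, judging by the name, to disable the guard that keeps the OS-command lessons from running real commands on the host, and nothing visible in the hunk explains why the shipped default should change. If this is a local-testing toggle it should be reverted before merge; if it is intentional, an adjacent XML comment such as `<!-- false lets lessons execute real OS commands; only for isolated training hosts -->` would record the decision. The enclosing element tags are not preserved in this rendering, so the parameter's element type is inferred.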
@@ -174,7 +174,15 @@
org.owasp.webgoat.LessonSource
-
+
+ validate
+ org.owasp.webgoat.servlets.ValidateServlet
+
+
+ config
+ /lessons/ConfManagement/config.jsp
+
+
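Review bot: The new `validate` and `config` servlet entries have no explanatory comment, and since the element tags are stripped in this rendering it cannot be confirmed whether `config` is a JSP-file declaration or whether either entry has a corresponding url mapping. A comment above the `config` entry such as `<!-- config: lesson page for ConfManagement; mapped here so the lesson can reference it by name -->` would tell the next maintainer why a lesson JSP is declared as a servlet. If `validate` is mapped elsewhere in web.xml that should be checked; otherwise it is declared but not reachable by that name.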