removed tiles dependency

added better error handling for problems when loading webgoat properties

java/org/owasp/webgoat/HammerHead.java

@@ -245,7 +245,7 @@ public class HammerHead extends HttpServlet {
         logger.info("Initializing main webgoat servlet");
         httpDateFormat = new SimpleDateFormat("EEE, dd MMM yyyyy HH:mm:ss z", Locale.US);
         httpDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
-        propertiesPath = getServletContext().getRealPath("./WEB-INF/webgoat.properties");
+        propertiesPath = getServletContext().getRealPath("/WEB-INF/webgoat.properties");
         webgoatContext = new WebgoatContext(this);
     }
 

java/org/owasp/webgoat/session/Course.java

@@ -13,6 +13,8 @@ import javax.servlet.ServletContext;
 import org.owasp.webgoat.HammerHead;
 import org.owasp.webgoat.lessons.AbstractLesson;
 import org.owasp.webgoat.lessons.Category;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * *************************************************************************************************
@@ -49,6 +51,8 @@ import org.owasp.webgoat.lessons.Category;
  */
 public class Course {
 
+    final Logger logger = LoggerFactory.getLogger(WebgoatProperties.class);
+
     private List<AbstractLesson> lessons = new LinkedList<AbstractLesson>();
 
     private final static String PROPERTIES_FILENAME = HammerHead.propertiesPath;
@@ -63,8 +67,7 @@ public class Course {
         try {
             properties = new WebgoatProperties(PROPERTIES_FILENAME);
         } catch (IOException e) {
-            System.out.println("Error loading WebGoat properties");
+            logger.error("Error loading webgoat properties", e);
-            e.printStackTrace();
         }
     }
 

java/org/owasp/webgoat/session/WebgoatProperties.java

@@ -1,123 +1,119 @@
-
 package org.owasp.webgoat.session;
 
+import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.util.Properties;
+import org.owasp.webgoat.HammerHead;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
-
+/**
-/***************************************************************************************************
+ * *************************************************************************************************
- * 
+ *
- * 
+ *
- * This file is part of WebGoat, an Open Web Application Security Project utility. For details,
+ * This file is part of WebGoat, an Open Web Application Security Project
- * please see http://www.owasp.org/
+ * utility. For details, please see http://www.owasp.org/
- * 
+ *
  * Copyright (c) 2002 - 2007 Bruce Mayhew
- * 
+ *
- * This program is free software; you can redistribute it and/or modify it under the terms of the
+ * This program is free software; you can redistribute it and/or modify it under
- * GNU General Public License as published by the Free Software Foundation; either version 2 of the
+ * the terms of the GNU General Public License as published by the Free Software
- * License, or (at your option) any later version.
+ * Foundation; either version 2 of the License, or (at your option) any later
- * 
+ * version.
- * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+ *
- * even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * This program is distributed in the hope that it will be useful, but WITHOUT
- * General Public License for more details.
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * 
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * You should have received a copy of the GNU General Public License along with this program; if
+ * details.
- * not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ *
- * 02111-1307, USA.
+ * You should have received a copy of the GNU General Public License along with
- * 
+ * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
  * Getting Source ==============
- * 
+ *
- * Source for this application is maintained at code.google.com, a repository for free software
+ * Source for this application is maintained at code.google.com, a repository
- * projects.
+ * for free software projects.
- * 
+ *
  * For details, please see http://code.google.com/p/webgoat/
  */
-public class WebgoatProperties extends Properties
+public class WebgoatProperties extends Properties {
-{
 
-	/**
+    /**
-	 * 
+     *
-	 */
+     */
-	private static final long serialVersionUID = 4351681705558227918L;
+    private static final long serialVersionUID = 4351681705558227918L;
+    final Logger logger = LoggerFactory.getLogger(WebgoatProperties.class);
 
-	public WebgoatProperties(String propertiesFileName) throws IOException
+    public WebgoatProperties(String propertiesFileName) throws IOException {
-	{
+        if (propertiesFileName == null) {
-		try
+            throw new IOException("Path to webgoat.properties is null, initialization must have failed");
-		{
+        }
-			FileInputStream in = new FileInputStream(propertiesFileName);
+        File propertiesFile = new File(propertiesFileName);
-			load(in);
+        if (propertiesFile.exists() == false) {
-		} catch (IOException e)
+            throw new IOException("Unable to locate webgoat.properties at: " + propertiesFileName);
-		{
+        }
-			System.out.println("Warning: Unable to open webgoat.properties file");
+        FileInputStream in = new FileInputStream(propertiesFile);
-		}
+        load(in);
-	}
+    }
 
-	public int getIntProperty(String key, int defaultValue)
+    public int getIntProperty(String key, int defaultValue) {
-	{
+        int value = defaultValue;
-		int value = defaultValue;
 
-		String s = getProperty(key);
+        String s = getProperty(key);
-		if (s != null)
+        if (s != null) {
-		{
+            value = Integer.parseInt(s);
-			value = Integer.parseInt(s);
+        }
-		}
 
-		return value;
+        return value;
-	}
+    }
 
-	public boolean getBooleanProperty(String key, boolean defaultValue)
+    public boolean getBooleanProperty(String key, boolean defaultValue) {
-	{
+        boolean value = defaultValue;
-		boolean value = defaultValue;
+        key = this.trimLesson(key);
-		key = this.trimLesson(key);
 
-		String s = getProperty(key);
+        String s = getProperty(key);
-		if (s != null)
+        if (s != null) {
-		{
+            if (s.equalsIgnoreCase("true")) {
-			if (s.equalsIgnoreCase("true"))
+                value = true;
-				value = true;
+            } else if (s.equalsIgnoreCase("yes")) {
-			else if (s.equalsIgnoreCase("yes"))
+                value = true;
-				value = true;
+            } else if (s.equalsIgnoreCase("on")) {
-			else if (s.equalsIgnoreCase("on"))
+                value = true;
-				value = true;
+            } else if (s.equalsIgnoreCase("false")) {
-			else if (s.equalsIgnoreCase("false"))
+                value = false;
-				value = false;
+            } else if (s.equalsIgnoreCase("no")) {
-			else if (s.equalsIgnoreCase("no"))
+                value = false;
-				value = false;
+            } else if (s.equalsIgnoreCase("off")) {
-			else if (s.equalsIgnoreCase("off")) value = false;
+                value = false;
-		}
+            }
+        }
 
-		return value;
+        return value;
-	}
+    }
 
-	private String trimLesson(String lesson)
+    private String trimLesson(String lesson) {
-	{
+        String result = "";
-		String result = "";
 
-		if (lesson.startsWith("org.owasp.webgoat.lessons."))
+        if (lesson.startsWith("org.owasp.webgoat.lessons.")) {
-		{
+            result = lesson.substring("org.owasp.webgoat.lessons.".length(), lesson.length());
-			result = lesson.substring("org.owasp.webgoat.lessons.".length(), lesson.length());
+        } else {
-		}
+            result = lesson;
-		else
+        }
-		{
-			result = lesson;
-		}
 
-		return result;
+        return result;
-	}
+    }
 
-	public static void main(String[] args)
+    public static void main(String[] args) {
-	{
+        WebgoatProperties properties = null;
-		WebgoatProperties properties = null;
+        try {
-		try
+            properties = new WebgoatProperties("C:\\webgoat.properties");
-		{
+        } catch (IOException e) {
-			properties = new WebgoatProperties("C:\\webgoat.properties");
+            System.out.println("Error loading properties");
-		} catch (IOException e)
+            e.printStackTrace();
-		{
+        }
-			System.out.println("Error loading properties");
+        System.out.println(properties.getProperty("CommandInjection.category"));
-			e.printStackTrace();
+    }
-		}
-		System.out.println(properties.getProperty("CommandInjection.category"));
-	}
 
 }

pom.xml

@@ -301,24 +301,6 @@
             <version>${tiles.version}</version>
             <type>jar</type>
         </dependency>
-        <dependency>
-            <groupId>org.apache.tiles</groupId>
-            <artifactId>tiles-template</artifactId>
-            <version>${tiles.version}</version>
-            <type>jar</type>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.tiles</groupId>
-            <artifactId>tiles-servlet</artifactId>
-            <version>${tiles.version}</version>
-            <type>jar</type>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.tiles</groupId>
-            <artifactId>tiles-jsp</artifactId>
-            <version>${tiles.version}</version>
-            <type>jar</type>
-        </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>