diff --git a/.gitignore b/.gitignore index ca73a7e10..c785967b3 100644 --- a/.gitignore +++ b/.gitignore @@ -32,4 +32,6 @@ classes/* /*.iml .extract/* -UserDatabase.mv.db \ No newline at end of file +UserDatabase.mv.db +webgoat-container/src/main/webapp/users/guest.org.owasp.webgoat.plugin.*.props +webgoat-container/src/main/webapp/plugin_lessons/dist-*.pom \ No newline at end of file diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java index cdea39ee2..1a02be5fd 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java @@ -8,7 +8,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.io.IOException; -import java.net.URISyntaxException; import java.net.URL; import java.nio.file.FileVisitResult; import java.nio.file.Files; @@ -17,6 +16,11 @@ import java.nio.file.Paths; import java.nio.file.SimpleFileVisitor; import java.nio.file.attribute.BasicFileAttributes; import java.util.List; +import java.util.concurrent.Callable; +import java.util.concurrent.CompletionService; +import java.util.concurrent.ExecutorCompletionService; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; public class PluginsLoader implements Runnable { @@ -35,7 +39,7 @@ public class PluginsLoader implements Runnable { } public List loadPlugins(final boolean reload) { - final PluginClassLoader cl = (PluginClassLoader)Thread.currentThread().getContextClassLoader(); + final PluginClassLoader cl = (PluginClassLoader) Thread.currentThread().getContextClassLoader(); List plugins = Lists.newArrayList(); try { @@ -43,7 +47,7 @@ public class PluginsLoader implements Runnable { List jars = listJars(); cl.addURL(jars); plugins = processPlugins(jars, reload); - } catch (IOException | URISyntaxException e) { + } catch (Exception e) { logger.error("Loading plugins failed", e); } return plugins; @@ -64,13 +68,18 @@ public class PluginsLoader implements Runnable { return jars; } - private List processPlugins(List jars, boolean reload) throws URISyntaxException, IOException { + private List processPlugins(List jars, boolean reload) throws Exception { final List plugins = Lists.newArrayList(); - for (URL jar : jars) { - - PluginExtractor extractor = new PluginExtractor(Paths.get(jar.toURI())); - extractor.extract(pluginTarget); + final ExecutorService executorService = Executors.newFixedThreadPool(20); + final CompletionService completionService = new ExecutorCompletionService<>(executorService); + final List> callables = extractJars(jars); + for (Callable s : callables) { + completionService.submit(s); + } + int n = callables.size(); + for (int i = 0; i < n; i++) { + PluginExtractor extractor = completionService.take().get(); Plugin plugin = new Plugin(pluginTarget, extractor.getClasses()); if (plugin.getLesson().isPresent()) { PluginFileUtils.createDirsIfNotExists(pluginTarget); @@ -83,6 +92,22 @@ public class PluginsLoader implements Runnable { return plugins; } + private List> extractJars(List jars) { + List> extractorCallables = Lists.newArrayList(); + for (final URL jar : jars) { + extractorCallables.add(new Callable() { + + @Override + public PluginExtractor call() throws Exception { + PluginExtractor extractor = new PluginExtractor(Paths.get(jar.toURI())); + extractor.extract(pluginTarget); + return extractor; + } + }); + } + return extractorCallables; + } + @Override public void run() { loadPlugins(true); diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/session/WebSession.java b/webgoat-container/src/main/java/org/owasp/webgoat/session/WebSession.java index b479a3d7e..879c3af03 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/session/WebSession.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/session/WebSession.java @@ -842,13 +842,17 @@ public class WebSession { } else if (al instanceof RandomLessonAdapter) { try { RandomLessonAdapter rla = (RandomLessonAdapter) al; - int stage = myParser.getIntParameter(STAGE) - 1; - String[] stages = rla.getStages(); - if (stages == null) { - stages = new String[0]; - } - if (stage >= 0 && stage < stages.length) { - rla.setStage(this, stages[stage]); + if (!myParser.getRawParameter(STAGE).equals("null")) { + int stage = myParser.getIntParameter(STAGE) - 1; + String[] stages = rla.getStages(); + if (stages == null) { + stages = new String[0]; + } + if (stage >= 0 && stage < stages.length) { + rla.setStage(this, stages[stage]); + } + } else { + rla.setStage(this, null); } } catch (ParameterNotFoundException pnfe) { } diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/util/LabelProvider.java b/webgoat-container/src/main/java/org/owasp/webgoat/util/LabelProvider.java index 5aa3a85c8..4c1192c52 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/util/LabelProvider.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/util/LabelProvider.java @@ -2,12 +2,13 @@ package org.owasp.webgoat.util; import org.springframework.context.support.ReloadableResourceBundleMessageSource; -import org.springframework.core.io.FileSystemResource; import org.springframework.core.io.Resource; import org.springframework.core.io.ResourceLoader; +import org.springframework.core.io.UrlResource; import org.springframework.stereotype.Component; import javax.inject.Singleton; +import java.net.MalformedURLException; import java.nio.file.Path; import java.util.Arrays; import java.util.List; @@ -66,7 +67,11 @@ public class LabelProvider { pluginLabels.setResourceLoader(new ResourceLoader() { @Override public Resource getResource(String location) { - return new FileSystemResource(propertyFile.toFile()); + try { + return new UrlResource(propertyFile.toUri()); + } catch (MalformedURLException e) { + throw new RuntimeException(e); + } } @Override