Fixing can't login to webgoat #307

Nanne Baars 2017-01-15 16:28:19 +01:00
parent 5d6ad6852a
commit badbabd439
4 changed files with 18 additions and 19 deletions


@ -103,9 +103,8 @@ public class WebGoat extends SpringBootServletInitializer {
@Bean @Bean
@Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS) @Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS)
@SneakyThrows @SneakyThrows
public UserTracker userTracker(@Value("${webgoat.user.directory}") final String webgoatHome, public UserTracker userTracker(@Value("${webgoat.user.directory}") final String webgoatHome, WebSession webSession) {
@Value("${webgoat.tracker.overwrite:false}") final boolean overwrite, WebSession webSession) { UserTracker userTracker = new UserTracker(webgoatHome, webSession.getUserName());
UserTracker userTracker = new UserTracker(webgoatHome, webSession.getUserName(), overwrite);
userTracker.load(); userTracker.load();
return userTracker; return userTracker;
} }
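Review bot: `webSession.getUserName()` is handed to `UserTracker` unchanged, and `load()` further down this page builds `new File(webgoatHome, user + ".progress")` from it, so the session user name becomes part of a file path. Nothing visible in this section restricts the name to a safe character set; if user names can ever be free-form, the bean should reject path separators and `..` before constructing the tracker, or the tracker should verify that the resolved file stays under `webgoatHome`. At minimum a comment such as `// user name becomes a file name in UserTracker; must not contain path separators` would record the assumption. The enclosing class continues outside the hunk.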


@ -3,6 +3,7 @@ package org.owasp.webgoat.session;
import com.google.common.collect.Maps; import com.google.common.collect.Maps;
import lombok.SneakyThrows; import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.owasp.webgoat.lessons.AbstractLesson; import org.owasp.webgoat.lessons.AbstractLesson;
import org.owasp.webgoat.lessons.Assignment; import org.owasp.webgoat.lessons.Assignment;
import org.springframework.util.FileCopyUtils; import org.springframework.util.FileCopyUtils;
@ -44,17 +45,16 @@ import java.util.stream.Collectors;
* @version $Id: $Id * @version $Id: $Id
* @since October 29, 2003 * @since October 29, 2003
*/ */
@Slf4j
public class UserTracker { public class UserTracker {
private final String webgoatHome; private final String webgoatHome;
private final String user; private final String user;
private final boolean overwrite;
private Map<String, LessonTracker> storage = new HashMap<>(); private Map<String, LessonTracker> storage = new HashMap<>();
public UserTracker(final String webgoatHome, final String user, final boolean overwrite) { public UserTracker(final String webgoatHome, final String user) {
this.webgoatHome = webgoatHome; this.webgoatHome = webgoatHome;
this.user = user; this.user = user;
this.overwrite = overwrite;
} }
/** /**
@ -85,13 +85,15 @@ public class UserTracker {
save(); save();
} }
@SneakyThrows
public void load() { public void load() {
File file = new File(webgoatHome, user + ".progress"); File file = new File(webgoatHome, user + ".progress");
if (overwrite) { if (file.exists() && file.isFile()) {
this.storage = Maps.newHashMap(); try {
} else if (file.exists() && file.isFile()) {
this.storage = (Map<String, LessonTracker>) SerializationUtils.deserialize(FileCopyUtils.copyToByteArray(file)); this.storage = (Map<String, LessonTracker>) SerializationUtils.deserialize(FileCopyUtils.copyToByteArray(file));
} catch (Exception e) {
log.error("Unable to read the progress file, creating a new one...");
this.storage = Maps.newHashMap();
}
} }
} }
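Review bot: The new `catch (Exception e)` in `load()` logs a fixed message and drops `e`, so the reason the progress file could not be read (class change after an upgrade, truncated file, permission error) is lost; pass the exception to the logger, `log.error("Unable to read the progress file, creating a new one...", e);`. The fallback also replaces `storage` with an empty map, and the next `save()` presumably overwrites the unreadable file, so the user's progress is discarded without a backup; moving the bad file aside first would keep it for diagnosis. Separately, `SerializationUtils.deserialize` is native Java deserialization of whatever bytes the file holds, and catching the exception afterwards does not undo side effects that occur while the stream is being read, so the user directory has to be treated as trusted or the accepted classes restricted to the expected ones. With the try/catch in place, `@SneakyThrows` on `load()` looks redundant. The class body continues outside the visible hunks.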


@ -15,8 +15,6 @@ security.enable-csrf=false
spring.devtools.restart.enabled=false spring.devtools.restart.enabled=false
spring.resources.cache-period=0 spring.resources.cache-period=0
webgoat.tracker.overwrite=false
webgoat.user.directory=${user.home}/.webgoat/ webgoat.user.directory=${user.home}/.webgoat/
webgoat.build.version=@project.version@ webgoat.build.version=@project.version@
webgoat.build.number=@build.number@ webgoat.build.number=@build.number@


@ -55,20 +55,20 @@ public class UserTrackerTest {
@Test @Test
public void writeAndRead() { public void writeAndRead() {
UserTracker userTracker = new UserTracker(home.getParent(), "test", false); UserTracker userTracker = new UserTracker(home.getParent(), "test");
AbstractLesson lesson = mock(AbstractLesson.class); AbstractLesson lesson = mock(AbstractLesson.class);
when(lesson.getAssignments()).thenReturn(Lists.newArrayList(new Assignment("assignment", "assignment"))); when(lesson.getAssignments()).thenReturn(Lists.newArrayList(new Assignment("assignment", "assignment")));
userTracker.getLessonTracker(lesson); userTracker.getLessonTracker(lesson);
userTracker.assignmentSolved(lesson, lesson.getAssignments().get(0).getName()); userTracker.assignmentSolved(lesson, lesson.getAssignments().get(0).getName());
userTracker = new UserTracker(home.getParent(), "test", false); userTracker = new UserTracker(home.getParent(), "test");
userTracker.load(); userTracker.load();
assertThat(userTracker.getLessonTracker(lesson).isLessonSolved()).isTrue(); assertThat(userTracker.getLessonTracker(lesson).isLessonSolved()).isTrue();
} }
@Test @Test
public void assignmentFailedShouldIncrementAttempts() { public void assignmentFailedShouldIncrementAttempts() {
UserTracker userTracker = new UserTracker(home.getParent(), "test", false); UserTracker userTracker = new UserTracker(home.getParent(), "test");
AbstractLesson lesson = mock(AbstractLesson.class); AbstractLesson lesson = mock(AbstractLesson.class);
when(lesson.getAssignments()).thenReturn(Lists.newArrayList(new Assignment("assignment", "assignment"))); when(lesson.getAssignments()).thenReturn(Lists.newArrayList(new Assignment("assignment", "assignment")));
userTracker.getLessonTracker(lesson); userTracker.getLessonTracker(lesson);
@ -80,7 +80,7 @@ public class UserTrackerTest {
@Test @Test
public void resetShouldClearSolvedAssignment() { public void resetShouldClearSolvedAssignment() {
UserTracker userTracker = new UserTracker(home.getParent(), "test", false); UserTracker userTracker = new UserTracker(home.getParent(), "test");
AbstractLesson lesson = mock(AbstractLesson.class); AbstractLesson lesson = mock(AbstractLesson.class);
when(lesson.getAssignments()).thenReturn(Lists.newArrayList(new Assignment("assignment", "assignment"))); when(lesson.getAssignments()).thenReturn(Lists.newArrayList(new Assignment("assignment", "assignment")));
userTracker.assignmentSolved(lesson, "assignment"); userTracker.assignmentSolved(lesson, "assignment");
@ -92,7 +92,7 @@ public class UserTrackerTest {
@Test @Test
public void totalAssignmentsSolved() { public void totalAssignmentsSolved() {
UserTracker userTracker = new UserTracker(home.getParent(), "test", false); UserTracker userTracker = new UserTracker(home.getParent(), "test");
AbstractLesson lesson = mock(AbstractLesson.class); AbstractLesson lesson = mock(AbstractLesson.class);
when(lesson.getAssignments()).thenReturn(Lists.newArrayList(new Assignment("assignment", "assignment"))); when(lesson.getAssignments()).thenReturn(Lists.newArrayList(new Assignment("assignment", "assignment")));
userTracker.assignmentSolved(lesson, "assignment"); userTracker.assignmentSolved(lesson, "assignment");