Start process of moving shared data to a single place

Shared fields like the database connection details will be stored in a new class WebgoatContext. For the moment, we create this object anew each time, but we will eventually create it once, and pass it to the constructor of WebSession, to provide initial values for each user. git-svn-id: http://webgoat.googlecode.com/svn/trunk@137 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-07-10 11:49:57 +00:00 · 2007-07-10 11:49:57 +00:00 · c4d24dff3a
commit c4d24dff3a
parent c3a5ec5ca8
3 changed files with 99 additions and 91 deletions
--- a/webgoat/main/project/JavaSource/org/owasp/webgoat/session/DatabaseUtilities.java
+++ b/webgoat/main/project/JavaSource/org/owasp/webgoat/session/DatabaseUtilities.java
@ -63,14 +63,14 @@ public class DatabaseUtilities
    public static Connection makeConnection(WebSession s)
 	    throws ClassNotFoundException, SQLException
    {
-	Class.forName(s.getDatabaseDriver());
+	Class.forName(s.getWebgoatContext().getDatabaseDriver());

-	String password = s.getDatabasePassword(); 
+	String password = s.getWebgoatContext().getDatabasePassword();
+	String conn = s.getWebgoatContext().getDatabaseConnectionString();
 	if (password == null || password.equals("")) {
-	return (DriverManager.getConnection(s.getDatabaseConnectionString()));
+		return (DriverManager.getConnection(conn));
 	} else {
-		String conn = s.getDatabaseConnectionString();
-		String user = s.getDatabaseUser();
+		String user = s.getWebgoatContext().getDatabaseUser();
 		return DriverManager.getConnection(conn, user, password);
 	}
    }
--- a/webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java
+++ b/webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java
@ -86,26 +86,6 @@ public class WebSession
 	 */
 	public final static String COLOR = "color";

-	/**
-	 * Description of the Field
-	 */
-	public final static String DATABASE_CONNECTION_STRING = "DatabaseConnectionString";
-
-	/**
-	 * Description of the Field
-	 */
-	public final static String DATABASE_DRIVER = "DatabaseDriver";
-
-	/**
-	 * Description of the Field
-	 */
-	public final static String DATABASE_USER = "DatabaseUser";
-
-	/**
-	 * Description of the Field
-	 */
-	public final static String DATABASE_PASSWORD = "DatabasePassword";
-
 	/**
 	 * Description of the Field
 	 */
@ -203,6 +183,8 @@ public class WebSession
 	 */
 	public final static int WELCOME = -1;

+	private WebgoatContext webgoatContext;
+	
 	private ServletContext context = null;

 	private Course course;
@ -213,14 +195,6 @@ public class WebSession

 	private static boolean databaseBuilt = false;

-	private String databaseConnectionString;
-
-	private String databaseDriver;
-	
-	private String databaseUser;
-
-	private String databasePassword;
-
 	private static Connection connection = null;

 	private int hintNum = -1;
@ -275,6 +249,7 @@ public class WebSession
 	 */
 	public WebSession( HttpServlet servlet, ServletContext context )
 	{
+		webgoatContext = new WebgoatContext(servlet);
 		// initialize from web.xml
 		showParams = "true".equals( servlet.getInitParameter( SHOWPARAMS ) );
 		showCookies = "true".equals( servlet.getInitParameter( SHOWCOOKIES ) );
@ -285,10 +260,6 @@ public class WebSession
 				.getInitParameter( FEEDBACK_ADDRESS ) : feedbackAddress;
 		showRequest = "true".equals( servlet.getInitParameter( SHOWREQUEST ) );
 		isDebug = "true".equals( servlet.getInitParameter( DEBUG ) );
-		databaseConnectionString = servlet.getInitParameter( DATABASE_CONNECTION_STRING );
-		databaseDriver = servlet.getInitParameter( DATABASE_DRIVER );
-		databaseUser = servlet.getInitParameter(DATABASE_USER);
-		databasePassword = servlet.getInitParameter(DATABASE_PASSWORD);
 		servletName = servlet.getServletName();
 		this.context = context;
 		course = new Course();
@ -448,60 +419,6 @@ public class WebSession
 		currentScreen = screen;
 	}

-	/**
-	 * returns the connection string with the real path to the database directory inserted at the
-	 * word PATH
-	 * 
-	 * @return The databaseConnectionString value
-	 */
-	public String getDatabaseConnectionString()
-	{
-		try
-		{
-			String path = context.getRealPath( "/database" ).replace( '\\', '/' );
-			System.out.println( "PATH: " + path );
-			String realConnectionString = databaseConnectionString.replaceAll( "PATH", path );
-			System.out.println( "Database Connection String: " + realConnectionString );
-
-			return realConnectionString;
-		}
-		catch ( Exception e )
-		{
-			System.out.println( "Couldn't open database: check web.xml database parameters" );
-			e.printStackTrace();
-		}
-
-		return null;
-	}
-
-	/**
-	 * Gets the databaseDriver attribute of the WebSession object
-	 * 
-	 * @return The databaseDriver value
-	 */
-	public String getDatabaseDriver()
-	{
-		return ( databaseDriver );
-	}
-	
-	/**
-	 * Gets the databaseUser attribute of the WebSession object
-	 * 
-	 * @return The databaseUser value
-	 */
-	public String getDatabaseUser() {
-		return (databaseUser);
-	}
-
-	/**
-	 * Gets the databasePassword attribute of the WebSession object
-	 * 
-	 * @return The databasePassword value
-	 */
-	public String getDatabasePassword() {
-		return (databasePassword);
-	}
-	       
 	public String getRestartLink()
 	{
 		List<String> parameters = new ArrayList<String>();
@ -1248,4 +1165,8 @@ public class WebSession
 		
 		return ParameterParser.htmlEncode(s);
 	}
+
+	public WebgoatContext getWebgoatContext() {
+		return webgoatContext;
+	}
 }
--- a/webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebgoatContext.java
+++ b/webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebgoatContext.java
@ -0,0 +1,87 @@
+package org.owasp.webgoat.session;
+
+import javax.servlet.http.HttpServlet;
+
+public class WebgoatContext {
+
+	public final static String DATABASE_CONNECTION_STRING = "DatabaseConnectionString";
+
+	public final static String DATABASE_DRIVER = "DatabaseDriver";
+
+	public final static String DATABASE_USER = "DatabaseUser";
+
+	public final static String DATABASE_PASSWORD = "DatabasePassword";
+
+	private String databaseConnectionString;
+
+	private String realConnectionString = null;
+
+	private String databaseDriver;
+
+	private String databaseUser;
+
+	private String databasePassword;
+
+	private HttpServlet servlet;
+
+	public WebgoatContext(HttpServlet servlet) {
+		this.servlet = servlet;
+		databaseConnectionString = servlet
+				.getInitParameter(DATABASE_CONNECTION_STRING);
+		databaseDriver = servlet.getInitParameter(DATABASE_DRIVER);
+		databaseUser = servlet.getInitParameter(DATABASE_USER);
+		databasePassword = servlet.getInitParameter(DATABASE_PASSWORD);
+	}
+
+	/**
+	 * returns the connection string with the real path to the database
+	 * directory inserted at the word PATH
+	 * 
+	 * @return The databaseConnectionString value
+	 */
+	public String getDatabaseConnectionString() {
+		if (realConnectionString == null)
+			try {
+				String path = servlet.getServletContext().getRealPath(
+						"/database").replace('\\', '/');
+				System.out.println("PATH: " + path);
+				realConnectionString = databaseConnectionString.replaceAll(
+						"PATH", path);
+				System.out.println("Database Connection String: "
+						+ realConnectionString);
+			} catch (Exception e) {
+				System.out
+						.println("Couldn't open database: check web.xml database parameters");
+				e.printStackTrace();
+			}
+		return realConnectionString;
+	}
+
+	/**
+	 * Gets the databaseDriver attribute of the WebSession object
+	 * 
+	 * @return The databaseDriver value
+	 */
+	public String getDatabaseDriver() {
+		return (databaseDriver);
+	}
+
+	/**
+	 * Gets the databaseUser attribute of the WebSession object
+	 * 
+	 * @return The databaseUser value
+	 */
+	public String getDatabaseUser() {
+		return (databaseUser);
+	}
+
+	/**
+	 * Gets the databasePassword attribute of the WebSession object
+	 * 
+	 * @return The databasePassword value
+	 */
+	public String getDatabasePassword() {
+		return (databasePassword);
+	}
+
+}