From c4d24dff3a919f41cd8a3709d10908f646e3ef33 Mon Sep 17 00:00:00 2001
From: "rogan.dawes"
Date: Tue, 10 Jul 2007 11:49:57 +0000
Subject: [PATCH] Start process of moving shared data to a single place Shared fields like the database connection details will be stored in a new class WebgoatContext. For the moment, we create this object anew each time, but we will eventually create it once, and pass it to the constructor of WebSession, to provide initial values for each user.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@137 4033779f-a91e-0410-96ef-6bf7bf53c507
---
 .../webgoat/session/DatabaseUtilities.java | 10 +-
 .../org/owasp/webgoat/session/WebSession.java | 93 ++-----------------
 .../owasp/webgoat/session/WebgoatContext.java | 87 +++++++++++++++++
 3 files changed, 99 insertions(+), 91 deletions(-)
 create mode 100755 webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebgoatContext.java
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/DatabaseUtilities.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/DatabaseUtilities.java
index c63e5a2be..5dfec7157 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/DatabaseUtilities.java
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/DatabaseUtilities.java
@@ -63,14 +63,14 @@ public class DatabaseUtilities public static Connection makeConnection(WebSession s) throws ClassNotFoundException, SQLException { - Class.forName(s.getDatabaseDriver()); + Class.forName(s.getWebgoatContext().getDatabaseDriver()); - String password = s.getDatabasePassword(); + String password = s.getWebgoatContext().getDatabasePassword(); + String conn = s.getWebgoatContext().getDatabaseConnectionString(); if (password == null || password.equals("")) { - return (DriverManager.getConnection(s.getDatabaseConnectionString())); + return (DriverManager.getConnection(conn)); } else { - String conn = s.getDatabaseConnectionString(); - String user = s.getDatabaseUser(); + String user = s.getWebgoatContext().getDatabaseUser(); return DriverManager.getConnection(conn, user, password); } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java index 4bbf5034e..6886aa117 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java @@ -86,26 +86,6 @@ public class WebSession */ public final static String COLOR = "color"; - /** - * Description of the Field - */ - public final static String DATABASE_CONNECTION_STRING = "DatabaseConnectionString"; - - /** - * Description of the Field - */ - public final static String DATABASE_DRIVER = "DatabaseDriver"; - - /** - * Description of the Field - */ - public final static String DATABASE_USER = "DatabaseUser"; - - /** - * Description of the Field - */ - public final static String DATABASE_PASSWORD = "DatabasePassword"; - /** * Description of the Field */ @@ -203,6 +183,8 @@ public class WebSession */ public final static int WELCOME = -1; + private WebgoatContext webgoatContext; + private ServletContext context = null; private Course course; 
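Review bot: In makeConnection() `conn` can be null, because WebgoatContext.getDatabaseConnectionString() (added later in this patch) returns null when it fails to resolve the database path, and both `DriverManager.getConnection` calls then receive it. A guard right after the assignment, `if (conn == null) throw new SQLException("Database connection string could not be resolved; check web.xml");`, would report the real cause instead of a driver-level error. The four `s.getWebgoatContext()` calls could also share one local, `WebgoatContext ctx = s.getWebgoatContext();`.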
@@ -213,14 +195,6 @@ public class WebSession private static boolean databaseBuilt = false; - private String databaseConnectionString; - - private String databaseDriver; - - private String databaseUser; - - private String databasePassword; - private static Connection connection = null; private int hintNum = -1; @@ -275,6 +249,7 @@ public class WebSession */ public WebSession( HttpServlet servlet, ServletContext context ) { + webgoatContext = new WebgoatContext(servlet); // initialize from web.xml showParams = "true".equals( servlet.getInitParameter( SHOWPARAMS ) ); showCookies = "true".equals( servlet.getInitParameter( SHOWCOOKIES ) ); @@ -285,10 +260,6 @@ public class WebSession .getInitParameter( FEEDBACK_ADDRESS ) : feedbackAddress; showRequest = "true".equals( servlet.getInitParameter( SHOWREQUEST ) ); isDebug = "true".equals( servlet.getInitParameter( DEBUG ) ); - databaseConnectionString = servlet.getInitParameter( DATABASE_CONNECTION_STRING ); - databaseDriver = servlet.getInitParameter( DATABASE_DRIVER ); - databaseUser = servlet.getInitParameter(DATABASE_USER); - databasePassword = servlet.getInitParameter(DATABASE_PASSWORD); servletName = servlet.getServletName(); this.context = context; course = new Course(); 
@@ -448,60 +419,6 @@ public class WebSession currentScreen = screen; } - /** - * returns the connection string with the real path to the database directory inserted at the - * word PATH - * - * @return The databaseConnectionString value - */ - public String getDatabaseConnectionString() - { - try - { - String path = context.getRealPath( "/database" ).replace( '\\', '/' ); - System.out.println( "PATH: " + path ); - String realConnectionString = databaseConnectionString.replaceAll( "PATH", path ); - System.out.println( "Database Connection String: " + realConnectionString ); - - return realConnectionString; - } - catch ( Exception e ) - { - System.out.println( "Couldn't open database: check web.xml database parameters" ); - e.printStackTrace(); - } - - return null; - } - - /** - * Gets the databaseDriver attribute of the WebSession object - * - * @return The databaseDriver value - */ - public String getDatabaseDriver() - { - return ( databaseDriver ); - } - - /** - * Gets the databaseUser attribute of the WebSession object - * - * @return The databaseUser value - */ - public String getDatabaseUser() { - return (databaseUser); - } - - /** - * Gets the databasePassword attribute of the WebSession object - * - * @return The databasePassword value - */ - public String getDatabasePassword() { - return (databasePassword); - } - public String getRestartLink() { List parameters = new ArrayList(); @@ -1248,4 +1165,8 @@ public class WebSession return ParameterParser.htmlEncode(s); } + + public WebgoatContext getWebgoatContext() { + return webgoatContext; + } } diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebgoatContext.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebgoatContext.java new file mode 100755 index 000000000..cde9fd9ed --- /dev/null +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebgoatContext.java 
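Review bot: The new public accessor `getWebgoatContext()` at the end of WebSession has no Javadoc, although the four getters it replaces were each documented. I would add `/** Returns the WebgoatContext holding the database driver, connection string, user and password read from the servlet init parameters. */` above it. The comment is also the place to say that the returned object carries the database password, so callers should pass it only to code that opens connections.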
@@ -0,0 +1,87 @@ +package org.owasp.webgoat.session; + +import javax.servlet.http.HttpServlet; + +public class WebgoatContext { + + public final static String DATABASE_CONNECTION_STRING = "DatabaseConnectionString"; + + public final static String DATABASE_DRIVER = "DatabaseDriver"; + + public final static String DATABASE_USER = "DatabaseUser"; + + public final static String DATABASE_PASSWORD = "DatabasePassword"; + + private String databaseConnectionString; + + private String realConnectionString = null; + + private String databaseDriver; + + private String databaseUser; + + private String databasePassword; + + private HttpServlet servlet; + + public WebgoatContext(HttpServlet servlet) { + this.servlet = servlet; + databaseConnectionString = servlet + .getInitParameter(DATABASE_CONNECTION_STRING); + databaseDriver = servlet.getInitParameter(DATABASE_DRIVER); + databaseUser = servlet.getInitParameter(DATABASE_USER); + databasePassword = servlet.getInitParameter(DATABASE_PASSWORD); + } + + /** + * returns the connection string with the real path to the database + * directory inserted at the word PATH + * + * @return The databaseConnectionString value + */ + public String getDatabaseConnectionString() { + if (realConnectionString == null) + try { + String path = servlet.getServletContext().getRealPath( + "/database").replace('\\', '/'); + System.out.println("PATH: " + path); + realConnectionString = databaseConnectionString.replaceAll( + "PATH", path); + System.out.println("Database Connection String: " + + realConnectionString); + } catch (Exception e) { + System.out + .println("Couldn't open database: check web.xml database parameters"); + e.printStackTrace(); + } + return realConnectionString; + } + + /** + * Gets the databaseDriver attribute of the WebSession object + * + * @return The databaseDriver value + */ + public String getDatabaseDriver() { + return (databaseDriver); + } + + /** + * Gets the databaseUser attribute of the WebSession object + * + * @return 
The databaseUser value + */ + public String getDatabaseUser() { + return (databaseUser); + } + + /** + * Gets the databasePassword attribute of the WebSession object + * + * @return The databasePassword value + */ + public String getDatabasePassword() { + return (databasePassword); + } + +}
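Review bot: In getDatabaseConnectionString() the call `databaseConnectionString.replaceAll("PATH", path)` treats `path` as a regex replacement string, so a deployment directory containing `$` either throws inside the try block or is substituted wrongly; `realConnectionString = databaseConnectionString.replace("PATH", path);` performs the literal substitution the Javadoc describes. The surrounding `catch (Exception e)` also turns a missing init parameter or a null `getRealPath` result into a printed stack trace and a `null` return, and because `realConnectionString` stays null the whole attempt is repeated on every call. The resolved connection string is printed to stdout as well, which would put credentials into the container log if the configured URL carries any. The Javadoc on the three plain getters still says "attribute of the WebSession object" and should name WebgoatContext.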