First attempt to remove JSP and move to Thymeleaf and update to Spring Boot. The Thymeleaf templates can be loaded as snippets which makes it more easy to move away from ECS and create normal HTML pages for a lesson.
This commit is contained in:
Nanne Baars
@ -1,59 +0,0 @@
|
||||
/*
|
||||
* To change this license header, choose License Headers in Project Properties.
|
||||
* To change this template file, choose Tools | Templates
|
||||
* and open the template in the editor.
|
||||
*/
|
||||
package org.owasp.webgoat.controller;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
/**
|
||||
* <p>About class.</p>
|
||||
*
|
||||
* @author rlawson
|
||||
* @version $Id: $Id
|
||||
*/
|
||||
@Controller
|
||||
public class About {
|
||||
|
||||
final Logger logger = LoggerFactory.getLogger(About.class);
|
||||
private static final String WELCOMED = "welcomed";
|
||||
|
||||
/**
|
||||
* <p>welcome.</p>
|
||||
*
|
||||
* @param request a {@link javax.servlet.http.HttpServletRequest} object.
|
||||
* @param error a {@link java.lang.String} object.
|
||||
* @param logout a {@link java.lang.String} object.
|
||||
* @return a {@link org.springframework.web.servlet.ModelAndView} object.
|
||||
*/
|
||||
@RequestMapping(value = "about.mvc", method = RequestMethod.GET)
|
||||
public ModelAndView welcome(HttpServletRequest request,
|
||||
@RequestParam(value = "error", required = false) String error,
|
||||
@RequestParam(value = "logout", required = false) String logout) {
|
||||
|
||||
// set the welcome attribute
|
||||
// this is so the attack servlet does not also
|
||||
// send them to the welcome page
|
||||
HttpSession session = request.getSession();
|
||||
if (session.getAttribute(WELCOMED) == null) {
|
||||
session.setAttribute(WELCOMED, "true");
|
||||
}
|
||||
|
||||
//go ahead and send them to webgoat (skip the welcome page)
|
||||
ModelAndView model = new ModelAndView();
|
||||
//model.setViewName("welcome");
|
||||
//model.setViewName("main_new");
|
||||
model.setViewName("about");
|
||||
return model;
|
||||
}
|
||||
|
||||
}
|
||||
@ -5,44 +5,38 @@
|
||||
*/
|
||||
package org.owasp.webgoat.controller;
|
||||
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
/**
|
||||
* <p>Login class.</p>
|
||||
*
|
||||
* @author rlawson
|
||||
* @version $Id: $Id
|
||||
*/
|
||||
@Controller
|
||||
//@Controller
|
||||
public class Login {
|
||||
|
||||
/**
|
||||
* <p>login.</p>
|
||||
*
|
||||
* @param error a {@link java.lang.String} object.
|
||||
* @param logout a {@link java.lang.String} object.
|
||||
* @return a {@link org.springframework.web.servlet.ModelAndView} object.
|
||||
*/
|
||||
@RequestMapping(value = "login.mvc", method = RequestMethod.GET)
|
||||
public ModelAndView login(
|
||||
@RequestParam(value = "error", required = false) String error,
|
||||
@RequestParam(value = "logout", required = false) String logout) {
|
||||
|
||||
ModelAndView model = new ModelAndView();
|
||||
if (error != null) {
|
||||
model.addObject("error", "Invalid username and password!");
|
||||
}
|
||||
|
||||
if (logout != null) {
|
||||
model.addObject("msg", "You've been logged out successfully.");
|
||||
}
|
||||
model.setViewName("login");
|
||||
|
||||
return model;
|
||||
|
||||
}
|
||||
// /**
|
||||
// * <p>login.</p>
|
||||
// *
|
||||
// * @param error a {@link java.lang.String} object.
|
||||
// * @param logout a {@link java.lang.String} object.
|
||||
// * @return a {@link org.springframework.web.servlet.ModelAndView} object.
|
||||
// */
|
||||
// @RequestMapping(path = "login.mvc", method = RequestMethod.GET)
|
||||
// public ModelAndView login(
|
||||
// @RequestParam(value = "error", required = false) String error,
|
||||
// @RequestParam(value = "logout", required = false) String logout) {
|
||||
//
|
||||
// ModelAndView model = new ModelAndView();
|
||||
// if (error != null) {
|
||||
// model.addObject("error", "Invalid username and password!");
|
||||
// }
|
||||
//
|
||||
// if (logout != null) {
|
||||
// model.addObject("msg", "You've been logged out successfully.");
|
||||
// }
|
||||
// model.setViewName("login");
|
||||
//
|
||||
// return model;
|
||||
//
|
||||
// }
|
||||
}
|
||||
|
||||
@ -31,7 +31,7 @@ public class Logout {
|
||||
* @param logout a {@link java.lang.String} object.
|
||||
* @return a {@link org.springframework.web.servlet.ModelAndView} object.
|
||||
*/
|
||||
@RequestMapping(value = "logout.mvc", method = RequestMethod.GET)
|
||||
@RequestMapping(path = "logout.mvc", method = RequestMethod.GET)
|
||||
public ModelAndView logout(
|
||||
@RequestParam(value = "error", required = false) String error,
|
||||
@RequestParam(value = "logout", required = false) String logout) {
|
||||
|
||||
@ -5,10 +5,6 @@
|
||||
*/
|
||||
package org.owasp.webgoat.controller;
|
||||
|
||||
import java.util.Collection;
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.owasp.webgoat.application.Application;
|
||||
import org.owasp.webgoat.session.WebSession;
|
||||
@ -20,9 +16,13 @@ import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
import java.util.Collection;
|
||||
|
||||
/**
|
||||
* <p>Start class.</p>
|
||||
*
|
||||
@ -43,14 +43,10 @@ public class Start {
|
||||
* <p>start.</p>
|
||||
*
|
||||
* @param request a {@link javax.servlet.http.HttpServletRequest} object.
|
||||
* @param error a {@link java.lang.String} object.
|
||||
* @param logout a {@link java.lang.String} object.
|
||||
* @return a {@link org.springframework.web.servlet.ModelAndView} object.
|
||||
*/
|
||||
@RequestMapping(value = "start.mvc", method = {RequestMethod.GET, RequestMethod.POST})
|
||||
public ModelAndView start(HttpServletRequest request,
|
||||
@RequestParam(value = "error", required = false) String error,
|
||||
@RequestParam(value = "logout", required = false) String logout) {
|
||||
@RequestMapping(path = "start.mvc", method = {RequestMethod.GET, RequestMethod.POST})
|
||||
public ModelAndView start(HttpServletRequest request) {
|
||||
|
||||
ModelAndView model = new ModelAndView();
|
||||
// make sure session is set up correctly
|
||||
|
||||
@ -5,16 +5,14 @@
|
||||
*/
|
||||
package org.owasp.webgoat.controller;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
/**
|
||||
* <p>Welcome class.</p>
|
||||
*
|
||||
@ -23,22 +21,17 @@ import org.springframework.web.servlet.ModelAndView;
|
||||
*/
|
||||
@Controller
|
||||
public class Welcome {
|
||||
|
||||
final Logger logger = LoggerFactory.getLogger(Welcome.class);
|
||||
|
||||
private static final String WELCOMED = "welcomed";
|
||||
|
||||
/**
|
||||
* <p>welcome.</p>
|
||||
*
|
||||
* @param request a {@link javax.servlet.http.HttpServletRequest} object.
|
||||
* @param error a {@link java.lang.String} object.
|
||||
* @param logout a {@link java.lang.String} object.
|
||||
* @return a {@link org.springframework.web.servlet.ModelAndView} object.
|
||||
*/
|
||||
@RequestMapping(value = "welcome.mvc", method = RequestMethod.GET)
|
||||
public ModelAndView welcome(HttpServletRequest request,
|
||||
@RequestParam(value = "error", required = false) String error,
|
||||
@RequestParam(value = "logout", required = false) String logout) {
|
||||
@RequestMapping(path = "welcome.mvc", method = RequestMethod.GET)
|
||||
public ModelAndView welcome(HttpServletRequest request) {
|
||||
|
||||
// set the welcome attribute
|
||||
// this is so the attack servlet does not also
|
||||
|
||||
Reference in New Issue
Block a user