Add FAQ for running WebGoat on your host IP

git-svn-id: http://webgoat.googlecode.com/svn/trunk@118 4033779f-a91e-0410-96ef-6bf7bf53c507

webgoat/main/readme.txt

@@ -1,9 +1,10 @@
 **********          WebGoat 5.0
-**********          01.31.2007
+**********          03.09.2007
 **********
 **
 **  Source Code:  http://code.google.com/p/webgoat
 **  Download:     http://sourceforge.net/project/showfiles.php?group_id=64424&package_id=61824
+**  Download:     http://code.google.com/p/webgoat/downloads/list   (Does not have Windows release)
 **  User Guide:   http://www.owasp.org/index.php/WebGoat_User_and_Install_Guide_Table_of_Contents
 **  Home Page:    http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
 **  Contact Info: webgoat@g2-inc.com
@@ -111,10 +112,12 @@ Q. I put the OWASP downloaded war file in my tomcat/webapps directory and the
    http://localhost/WebGoat/attack url doesn't work.
 A. Rename the downloaded war file to WebGoat.war.  Delete the existing tomcat/webapps/*WebGoat* directories.
 
+
 Q. I dropped the WebGoat war file into my non-Tomcat application server and WebGoat doesn't seem to work.
 A. WebGoat uses some of the internal Tomcat classes for user management.  Unfortunately, this makes 
    WebGoat dependent on Tomcat.  Hopefully, this will be addressed in a future release.
 
+
 Q. Having problems with the ant file working properly. How do I configure my ant environment 
    so that I don't receive errors such as:
 	- "Specified VM install not found: type Standard VM, name j2sdk1.4.2.06"
@@ -128,11 +131,13 @@ A. This usually indicates an Eclipse environment setting misconfiguration. Here
 		- Click Apply, Click OK.
 		- Return to the Ant View and refresh.
 
+
 Q. When I start up WebGoat it dies very quickly.
 A. WebGoat is a Java application that runs on Tomcat using port 80.  If you have another 
    application listening on port 80 (like IIS), you will need to change WebGoat's port 
    (to 8080 or something) in the tomcat_root/conf/server.xml file.
 
+
 Q. When I deploy the war file to the Tomcat wepapps directory, I can't login to WebGoat
 A. You need to add the webgoat users and roles to tomcat/conf/tomcat-users.xml
 
@@ -149,4 +154,37 @@ A. You need to add the webgoat users and roles to tomcat/conf/tomcat-users.xml
     </tomcat-users>
 
 
+Q. How do I get configure WebGoat to run on an IP other then localhost?
+A. In the webgoat.bat file, in the root directory, the following lines
+   are executed: 
+
+      delete .\tomcat\conf\server.xml 
+      copy .\tomcat\conf\server_80.xml .\tomcat\conf\server.xml 
+
+   This will overwrite any changes you may have made to server.xml 
+   file that addressed this issue.... 
+
+   By changing the server_80.xml file (or by removing the above code
+   from webgoat.bat, after making your changes) you can reflect your
+   changes to the Tomcat configuration. You will need to change the IP
+   address in the server_80.xml file to be the IP of the host machine.
+
+   The following connectors should be modified
+      <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 --> 
+      <Connector address="10.20.20.123" port="80" 
+      ... 
+      <!-- Define a SSL HTTP/1.1 Connector on port 8443 --> 
+      <Connector address="10.20.20.123" port="443" 
+      .... 
+
+   where the 127.0.0.1 will be replaced by your IP. In this case
+   10.20.20.123
+
+
+Q. How do I solve lesson X?
+A. Subscribe to the WebGoat mailing list at owasp-webgoat@lists.owasp.org.
+   Post your question to owasp-webgoat@lists.owasp.org
+
+	
+
 Please send questions, comments, suggestions, bugs, etc to webgoat@g2-inc.com