Previously we would just get a connection to the same database, regardless
of the user specified in the connect string. Trying to create
HSQLDB users did not seem to work. Non-ADMIN users don't have
CREATE TABLE privileges, it seems, and I couldn't find docs that
describe how to GRANT CREATE TABLE privileges. Go figure.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@192 4033779f-a91e-0410-96ef-6bf7bf53c507
This creates the infrastructure to allow WebGoat to create per-user
databases, so that any modifications made by one user do not affect
other users. Some lessons may have made provision for this internally
(e.g. CrossSiteScripting lesson), but this simplifies things generally.
This also switches the default database from Access on windows, and
Enhydra on Unix/other platforms to using HSQLDB, in an "in-memory"
configuration. We may get performance problems from having too many
instances of the database in memory at once at sites that have 10's
of users banging on a central WebGoat. Only time will tell.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@190 4033779f-a91e-0410-96ef-6bf7bf53c507
Rather than constructing URL's manually all the time, rather
make use of existing mechanisms to create the URL, and use
it consistently.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@184 4033779f-a91e-0410-96ef-6bf7bf53c507
While we are about it, make AbstractLesson.getLink() include
the category (i.e. menu), so that the menu selection script
will still work.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@183 4033779f-a91e-0410-96ef-6bf7bf53c507
We provide an automatic message on completion, which is easy to override.
Simply call setMessage() AFTER calling setStageComplete().
git-svn-id: http://webgoat.googlecode.com/svn/trunk@180 4033779f-a91e-0410-96ef-6bf7bf53c507
I don't know how to get back to the point in the SVN history
to fix this so that the build will actually work. I guess
I'd better just apply it here.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@177 4033779f-a91e-0410-96ef-6bf7bf53c507
Since the webservices lessons are also created automatically by
Axis, which obviously does not have a reference to WebgoatContext,
and wouldn't call setWebgoatContext even if it did, we need to ensure
that each lesson created can still get to WebgoatContext.
Do this by maintaining a static reference to WebgoatContext that
all instances of the class can use.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@165 4033779f-a91e-0410-96ef-6bf7bf53c507
Also update the signature of DefaultLessonAction's constructor to take a GoatHillsFinancial,
rather than an AbstractLesson
git-svn-id: http://webgoat.googlecode.com/svn/trunk@156 4033779f-a91e-0410-96ef-6bf7bf53c507
Each lesson simply overrides registerActions(classname) to do the necessary.
Also delete Actions which already exist in the base class package
git-svn-id: http://webgoat.googlecode.com/svn/trunk@154 4033779f-a91e-0410-96ef-6bf7bf53c507
This "lesson" is to be used as a base for the rest of the
LAB lessons. This should help to reduce the amount of
duplication across the lessons.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@150 4033779f-a91e-0410-96ef-6bf7bf53c507
