New version number

Wrong image name mentioned in lesson for WebWolf
By default binds to ALL network interfaces #431
2018-04-11 20:45:12 +02:00 · 2018-04-11 20:22:19 +02:00 · 2018-01-30 07:18:05 +01:00 · 2018-01-29 15:43:19 +01:00 · 2018-01-29 15:32:02 +01:00 · 2018-01-29 15:29:48 +01:00
48 changed files with 105 additions and 74 deletions
--- a/pom.xml
+++ b/pom.xml
@ -5,7 +5,7 @@
    <groupId>org.owasp.webgoat</groupId>
    <artifactId>webgoat-parent</artifactId>
    <packaging>pom</packaging>
-    <version>8.0.0.M3</version>
+    <version>v8.0.0.M14</version>

    <name>WebGoat Parent Pom</name>
    <description>Parent Pom for the WebGoat Project. A deliberately insecure Web Application</description>
--- a/scripts/deploy-webgoat.sh
+++ b/scripts/deploy-webgoat.sh
@ -17,6 +17,24 @@ elif [ ! -z "${TRAVIS_TAG}" ]; then
 #elif [ "${BRANCH}" == "develop" ]; then
 #  docker build -f Dockerfile -t $REPO:snapshot .
 #  docker push $REPO
+else
+  echo "Skipping releasing to DockerHub because it is a build of branch ${BRANCH}"
+fi
+
+
+export REPO=webgoat/webwolf
+cd ..
+cd webwolf
+ls target/
+
+if [ "${BRANCH}" == "master" ] && [ ! -z "${TRAVIS_TAG}" ]; then
+  # If we push a tag to master this will update the LATEST Docker image and tag with the version number
+  docker build --build-arg webwolf_version=${TRAVIS_TAG:1} -f Dockerfile -t $REPO:latest -t $REPO:${TRAVIS_TAG} .
+  docker push $REPO
+elif [ ! -z "${TRAVIS_TAG}" ]; then
+  # Creating a tag build we push it to Docker with that tag
+  docker build --build-arg webwolf_version=${TRAVIS_TAG:1} -f Dockerfile -t $REPO:${TRAVIS_TAG} -t $REPO:latest .
+  docker push $REPO
 else
  echo "Skipping releasing to DockerHub because it is a build of branch ${BRANCH}"
 fi
--- a/webgoat-container/pom.xml
+++ b/webgoat-container/pom.xml
@ -10,7 +10,7 @@
    <parent>
        <groupId>org.owasp.webgoat</groupId>
        <artifactId>webgoat-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

    <profiles>
--- a/webgoat-container/src/main/java/org/owasp/webgoat/assignments/AssignmentEndpoint.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/assignments/AssignmentEndpoint.java
@ -55,7 +55,7 @@ public abstract class AssignmentEndpoint extends Endpoint {

 	//// TODO: 11/13/2016 events better fit?
    protected AttackResult trackProgress(AttackResult attackResult) {
-        UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName());
+        UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName());
        if (userTracker == null) {
            userTracker = new UserTracker(webSession.getUserName());
        }
--- a/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Assignment.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Assignment.java
@ -1,11 +1,9 @@
 package org.owasp.webgoat.lessons;

+import com.google.common.collect.Lists;
 import lombok.*;

-import javax.persistence.Entity;
-import javax.persistence.Id;
-import javax.persistence.OneToMany;
-import javax.persistence.Transient;
+import javax.persistence.*;
 import java.util.List;

 /**
@ -37,19 +35,30 @@ import java.util.List;
 * @version $Id: $Id
 * @since November 25, 2016
 */
-@AllArgsConstructor
-@RequiredArgsConstructor
-@NoArgsConstructor
@Getter
@EqualsAndHashCode
@Entity
 public class Assignment {
-    @NonNull
+
    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private Long id;
    private String name;
-    @NonNull
    private String path;
    @Transient
    private List<String> hints;

+    private Assignment() {
+        //Hibernate
+    }
+
+    public Assignment(String name, String path) {
+        this(name, path, Lists.newArrayList());
+    }
+
+    public Assignment(String name, String path, List<String> hints) {
+        this.name = name;
+        this.path = path;
+        this.hints = hints;
+    }
 }
--- a/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonMenuService.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonMenuService.java
@ -73,7 +73,7 @@ public class LessonMenuService {
    List<LessonMenuItem> showLeftNav() {
        List<LessonMenuItem> menu = new ArrayList<>();
        List<Category> categories = course.getCategories();
-        UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName());
+        UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName());

        for (Category category : categories) {
            LessonMenuItem categoryItem = new LessonMenuItem();
--- a/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonProgressService.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/LessonProgressService.java
@ -40,7 +40,7 @@ public class LessonProgressService {
    @RequestMapping(value = "/service/lessonprogress.mvc", produces = "application/json")
    @ResponseBody
    public Map getLessonInfo() {
-        UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName());
+        UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName());
        LessonTracker lessonTracker = userTracker.getLessonTracker(webSession.getCurrentLesson());
        Map json = Maps.newHashMap();
        String successMessage = "";
@ -63,7 +63,7 @@ public class LessonProgressService {
    @RequestMapping(value = "/service/lessonoverview.mvc", produces = "application/json")
    @ResponseBody
    public List<LessonOverview> lessonOverview() {
-        UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName());
+        UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName());
        AbstractLesson currentLesson = webSession.getCurrentLesson();
        List<LessonOverview> result = Lists.newArrayList();
        if ( currentLesson != null ) {
--- a/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java
@ -64,7 +64,7 @@ public class ReportCardService {
    @GetMapping(path = "/service/reportcard.mvc", produces = "application/json")
    @ResponseBody
    public ReportCard reportCard() {
-        UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName());
+        UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName());
        List<AbstractLesson> lessons = course.getLessons();
        ReportCard reportCard = new ReportCard();
        reportCard.setTotalNumberOfLessons(course.getTotalOfLessons());
--- a/webgoat-container/src/main/java/org/owasp/webgoat/service/RestartLessonService.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/RestartLessonService.java
@ -59,7 +59,7 @@ public class RestartLessonService {
        AbstractLesson al = webSession.getCurrentLesson();
        log.debug("Restarting lesson: " + al);

-        UserTracker userTracker = userTrackerRepository.findOne(webSession.getUserName());
+        UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName());
        userTracker.reset(al);
        userTrackerRepository.save(userTracker);
    }
--- a/webgoat-container/src/main/java/org/owasp/webgoat/users/LessonTracker.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/LessonTracker.java
@ -47,8 +47,11 @@ import java.util.stream.Collectors;
 */
@Entity
 public class LessonTracker {
-    @Getter
+
    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private Long id;
+    @Getter
    private String lessonName;
    @OneToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
    private final Set<Assignment> solvedAssignments = Sets.newHashSet();
--- a/webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java
@ -38,7 +38,7 @@ public class Scoreboard {
        List<WebGoatUser> allUsers = userRepository.findAll();
        List<Ranking> rankings = Lists.newArrayList();
        for (WebGoatUser user : allUsers) {
-            UserTracker userTracker = userTrackerRepository.findOne(user.getUsername());
+            UserTracker userTracker = userTrackerRepository.findByUser(user.getUsername());
            rankings.add(new Ranking(user.getUsername(), challengesSolved(userTracker)));
        }
        return rankings;
--- a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTracker.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTracker.java
@ -50,6 +50,8 @@ import java.util.stream.Collectors;
 public class UserTracker {

    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private Long id;
    private String user;
    @OneToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
    private Set<LessonTracker> lessonTrackers = Sets.newHashSet();
--- a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTrackerRepository.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserTrackerRepository.java
@ -8,5 +8,6 @@ import org.springframework.data.jpa.repository.JpaRepository;
 */
 public interface UserTrackerRepository extends JpaRepository<UserTracker, String> {

+    UserTracker findByUser(String user);

 }
--- a/webgoat-container/src/main/resources/application.properties
+++ b/webgoat-container/src/main/resources/application.properties
@ -3,6 +3,7 @@ server.error.path=/error.html
 server.session.timeout=600
 server.contextPath=/WebGoat
 server.port=8080
+server.address=127.0.0.1

 spring.datasource.url=jdbc:hsqldb:file:${webgoat.server.directory}/data/webgoat
 spring.jpa.hibernate.ddl-auto=update
@ -20,8 +21,8 @@ spring.resources.cache-period=0
 spring.thymeleaf.cache=false

 webgoat.clean=false
-webgoat.server.directory=${user.home}/.webgoat/
-webgoat.user.directory=${user.home}/.webgoat/
+webgoat.server.directory=${user.home}/.webgoat-${webgoat.build.version}/
+webgoat.user.directory=${user.home}/.webgoat-${webgoat.build.version}/
 webgoat.build.version=@project.version@
 webgoat.build.number=@build.number@
 webgoat.email=webgoat@owasp.org
--- a/webgoat-container/src/test/java/org/owasp/webgoat/assignments/AssignmentEndpointTest.java
+++ b/webgoat-container/src/test/java/org/owasp/webgoat/assignments/AssignmentEndpointTest.java
@ -62,7 +62,7 @@ public class AssignmentEndpointTest {

    public void init(AssignmentEndpoint a) {
        messages.setBasenames("classpath:/i18n/messages", "classpath:/i18n/WebGoatLabels");
-        when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker);
+        when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker);
        ReflectionTestUtils.setField(a, "userTrackerRepository", userTrackerRepository);
        ReflectionTestUtils.setField(a, "userSessionData", userSessionData);
        ReflectionTestUtils.setField(a, "webSession", webSession);
--- a/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonMenuServiceTest.java
+++ b/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonMenuServiceTest.java
@ -63,7 +63,7 @@ public class LessonMenuServiceTest {
        when(course.getLessons(any())).thenReturn(Lists.newArrayList(l1, l2));
        when(course.getCategories()).thenReturn(Lists.newArrayList(Category.ACCESS_CONTROL));
        when(userTracker.getLessonTracker(any(AbstractLesson.class))).thenReturn(lessonTracker);
-        when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker);
+        when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker);

        mockMvc.perform(MockMvcRequestBuilders.get(URL_LESSONMENU_MVC))
                .andExpect(status().isOk())
@ -81,7 +81,7 @@ public class LessonMenuServiceTest {
        when(course.getLessons(any())).thenReturn(Lists.newArrayList(l1));
        when(course.getCategories()).thenReturn(Lists.newArrayList(Category.ACCESS_CONTROL));
        when(userTracker.getLessonTracker(any(AbstractLesson.class))).thenReturn(lessonTracker);
-        when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker);
+        when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker);


        mockMvc.perform(MockMvcRequestBuilders.get(URL_LESSONMENU_MVC))
--- a/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonProgressServiceTest.java
+++ b/webgoat-container/src/test/java/org/owasp/webgoat/service/LessonProgressServiceTest.java
@ -72,7 +72,7 @@ public class LessonProgressServiceTest {
    @Before
    public void setup() {
        Assignment assignment = new Assignment("test", "test");
-        when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker);
+        when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker);
        when(userTracker.getLessonTracker(any(AbstractLesson.class))).thenReturn(lessonTracker);
        when(websession.getCurrentLesson()).thenReturn(lesson);
        when(lessonTracker.getLessonOverview()).thenReturn(Maps.newHashMap(assignment, true));
--- a/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java
+++ b/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java
@ -53,7 +53,7 @@ public class ReportCardServiceTest {
        when(course.getTotalOfLessons()).thenReturn(1);
        when(course.getTotalOfAssignments()).thenReturn(10);
        when(course.getLessons()).thenReturn(Lists.newArrayList(lesson));
-        when(userTrackerRepository.findOne(anyString())).thenReturn(userTracker);
+        when(userTrackerRepository.findByUser(anyString())).thenReturn(userTracker);
        when(userTracker.getLessonTracker(any(AbstractLesson.class))).thenReturn(lessonTracker);
        mockMvc.perform(MockMvcRequestBuilders.get("/service/reportcard.mvc"))
                .andExpect(status().isOk())
--- a/webgoat-container/src/test/java/org/owasp/webgoat/users/UserTrackerRepositoryTest.java
+++ b/webgoat-container/src/test/java/org/owasp/webgoat/users/UserTrackerRepositoryTest.java
@ -62,7 +62,7 @@ public class UserTrackerRepositoryTest {

        userTrackerRepository.save(userTracker);

-        userTracker = userTrackerRepository.findOne("test");
+        userTracker = userTrackerRepository.findByUser("test");
        Assertions.assertThat(userTracker.getLessonTracker("test")).isNotNull();
    }

@ -77,7 +77,7 @@ public class UserTrackerRepositoryTest {

        userTrackerRepository.saveAndFlush(userTracker);

-        userTracker = userTrackerRepository.findOne("test");
+        userTracker = userTrackerRepository.findByUser("test");
        Assertions.assertThat(userTracker.numberOfAssignmentsSolved()).isEqualTo(1);
    }

@ -90,7 +90,7 @@ public class UserTrackerRepositoryTest {
        userTracker.assignmentFailed(lesson);
        userTrackerRepository.saveAndFlush(userTracker);

-        userTracker = userTrackerRepository.findOne("test");
+        userTracker = userTrackerRepository.findByUser("test");
        userTracker.assignmentFailed(lesson);
        userTracker.assignmentFailed(lesson);
        userTrackerRepository.saveAndFlush(userTracker);
--- a/webgoat-lessons/auth-bypass/pom.xml
+++ b/webgoat-lessons/auth-bypass/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

 </project>
--- a/webgoat-lessons/bypass-restrictions/pom.xml
+++ b/webgoat-lessons/bypass-restrictions/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>
 </project>
--- a/webgoat-lessons/challenge/pom.xml
+++ b/webgoat-lessons/challenge/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>


--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Flag.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Flag.java
@ -46,7 +46,6 @@ public class Flag extends Endpoint {
    @PostConstruct
    public void initFlags() {
        IntStream.range(1, 10).forEach(i -> FLAGS.put(i, UUID.randomUUID().toString()));
-        FLAGS.entrySet().stream().forEach(e -> log.debug("Flag {} {}", e.getKey(), e.getValue()));
    }

    @Override
--- a/webgoat-lessons/client-side-filtering/pom.xml
+++ b/webgoat-lessons/client-side-filtering/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

 </project>
--- a/webgoat-lessons/cross-site-scripting/pom.xml
+++ b/webgoat-lessons/cross-site-scripting/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>
    <build>
       <plugins>
--- a/webgoat-lessons/csrf/pom.xml
+++ b/webgoat-lessons/csrf/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>
 </project>
--- a/webgoat-lessons/csrf/src/main/java/org/owasp/webgoat/plugin/CSRFLogin.java
+++ b/webgoat-lessons/csrf/src/main/java/org/owasp/webgoat/plugin/CSRFLogin.java
@ -33,7 +33,7 @@ public class CSRFLogin extends AssignmentEndpoint {
    }

    private void markAssignmentSolvedWithRealUser(String username) {
-        UserTracker userTracker = userTrackerRepository.findOne(username);
+        UserTracker userTracker = userTrackerRepository.findByUser(username);
        userTracker.assignmentSolved(getWebSession().getCurrentLesson(), this.getClass().getSimpleName());
        userTrackerRepository.save(userTracker);
    }
--- a/webgoat-lessons/html-tampering/pom.xml
+++ b/webgoat-lessons/html-tampering/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

    <dependencies>
--- a/webgoat-lessons/http-basics/pom.xml
+++ b/webgoat-lessons/http-basics/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

 </project>
--- a/webgoat-lessons/http-proxies/pom.xml
+++ b/webgoat-lessons/http-proxies/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

    <dependencies>
--- a/webgoat-lessons/idor/pom.xml
+++ b/webgoat-lessons/idor/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

 </project>
--- a/webgoat-lessons/insecure-login/pom.xml
+++ b/webgoat-lessons/insecure-login/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

    <dependencies>
--- a/webgoat-lessons/jwt/pom.xml
+++ b/webgoat-lessons/jwt/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

 </project>
--- a/webgoat-lessons/missing-function-ac/pom.xml
+++ b/webgoat-lessons/missing-function-ac/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

 </project>
--- a/webgoat-lessons/pom.xml
+++ b/webgoat-lessons/pom.xml
@ -5,12 +5,12 @@
    <groupId>org.owasp.webgoat.lesson</groupId>
    <artifactId>webgoat-lessons-parent</artifactId>
    <packaging>pom</packaging>
-    <version>8.0.0.M3</version>
+    <version>v8.0.0.M14</version>

    <parent>
        <groupId>org.owasp.webgoat</groupId>
        <artifactId>webgoat-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

    <modules>
--- a/webgoat-lessons/sql-injection/pom.xml
+++ b/webgoat-lessons/sql-injection/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>
 </project>
--- a/webgoat-lessons/vulnerable-components/pom.xml
+++ b/webgoat-lessons/vulnerable-components/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>
    <dependencies>
        <dependency>
--- a/webgoat-lessons/webgoat-introduction/pom.xml
+++ b/webgoat-lessons/webgoat-introduction/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>
 </project>
--- a/webgoat-lessons/webwolf-introduction/pom.xml
+++ b/webgoat-lessons/webwolf-introduction/pom.xml
@ -6,6 +6,6 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>
 </project>
--- a/webgoat-lessons/webwolf-introduction/src/main/resources/lessonPlans/en/IntroductionWebWolf.adoc
+++ b/webgoat-lessons/webwolf-introduction/src/main/resources/lessonPlans/en/IntroductionWebWolf.adoc
@ -23,7 +23,7 @@ java -jar webwolf-<<version>>.jar
 WebWolf is also available as a Docker container:

 ```
-docker pull webwolf/webwolf-8.0
+docker pull webgoat/webwolf
 docker run -it 8081:8081 /home/webwolf/run.sh
 ```

--- a/webgoat-lessons/xxe/pom.xml
+++ b/webgoat-lessons/xxe/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat.lesson</groupId>
        <artifactId>webgoat-lessons-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

    <dependencies>
--- a/webgoat-server/Dockerfile
+++ b/webgoat-server/Dockerfile
@ -2,13 +2,14 @@ FROM openjdk:8-jre-slim

 ARG webgoat_version=8.0-SNAPSHOT

-RUN useradd --home-dir /home/webgoat --create-home -U webgoat
-
-RUN apt-get update; apt-get install curl -y
-
-COPY start.sh /home/webgoat/start.sh
-RUN chmod +x /home/webgoat/start.sh
+RUN \
+  apt-get update && apt-get install && \
+  useradd --home-dir /home/webgoat --create-home -U webgoat && \
+  cd /home/webgoat/; mkdir -p .webgoat

 USER webgoat
-RUN cd /home/webgoat/; mkdir -p .webgoat
 COPY target/webgoat-server-${webgoat_version}.jar /home/webgoat/webgoat.jar
+
+ENTRYPOINT ["java", "-Djava.security.egd=file:/dev/./urandom", "-jar", "/home/webgoat/webgoat.jar", "--server.address=0.0.0.0"]
+
+EXPOSE 8080
--- a/webgoat-server/pom.xml
+++ b/webgoat-server/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat</groupId>
        <artifactId>webgoat-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

    <properties>
--- a/webgoat-server/start.sh
+++ b/webgoat-server/start.sh
@ -1,3 +0,0 @@
-#!/bin/sh
-
-java -jar -Djava.security.egd=file:/dev/./urandom /home/webgoat/webgoat.jar
--- a/webwolf/Dockerfile
+++ b/webwolf/Dockerfile
@ -2,12 +2,13 @@ FROM openjdk:8-jre-slim

 ARG webwolf_version=8.0-SNAPSHOT

-RUN useradd --home-dir /home/webwolf --create-home -U webwolf
-
-RUN apt-get update; apt-get install curl -y
-
-COPY start.sh /home/webwolf/start.sh
-RUN chmod +x /home/webwolf/start.sh
+RUN \
+  apt-get update && apt-get install && \
+  useradd --home-dir /home/webwolf --create-home -U webwolf

 USER webwolf
 COPY target/webwolf-${webwolf_version}.jar /home/webwolf/webwolf.jar
+
+ENTRYPOINT ["java", "-Djava.security.egd=file:/dev/./urandom", "-jar", "/home/webwolf/webwolf.jar", "--server.address=0.0.0.0"]
+
+EXPOSE 8081
--- a/webwolf/pom.xml
+++ b/webwolf/pom.xml
@ -6,7 +6,7 @@
    <parent>
        <groupId>org.owasp.webgoat</groupId>
        <artifactId>webgoat-parent</artifactId>
-        <version>8.0.0.M3</version>
+        <version>v8.0.0.M14</version>
    </parent>

    <dependencies>
--- a/webwolf/src/main/resources/application.properties
+++ b/webwolf/src/main/resources/application.properties
@ -3,6 +3,7 @@ server.error.path=/error.html
 server.session.timeout=6000
 #server.contextPath=/WebWolf
 server.port=8081
+server.address=127.0.0.1
 server.session.cookie.name = WEBWOLFSESSION

 spring.datasource.url=jdbc:hsqldb:file:${webgoat.server.directory}/data/webwolf
@ -29,7 +30,8 @@ multipart.location=${java.io.tmpdir}
 multipart.max-file-size=1Mb
 multipart.max-request-size=1Mb

-webgoat.server.directory=${user.home}/.webgoat/
+webgoat.build.version=@project.version@
+webgoat.server.directory=${user.home}/.webgoat-${webgoat.build.version}/
 webwolf.fileserver.location=${java.io.tmpdir}/webwolf-fileserver

 spring.jackson.serialization.indent_output=true
--- a/webwolf/start.sh
+++ b/webwolf/start.sh
@ -1,3 +0,0 @@
-#!/bin/sh
-
-java -jar -Djava.security.egd=file:/dev/./urandom /home/webwolf/webwolf.jar
Author	SHA1	Message	Date
Nanne Baars	f30db3abfc	New version number	2018-04-11 20:45:12 +02:00
Nanne Baars	58d4b81df2	Wrong image name mentioned in lesson for WebWolf	2018-04-11 20:22:19 +02:00
nbaars	2ae1b4955f	By default binds to ALL network interfaces #431 Fix for Docker not binding to any address by default	2018-01-30 07:18:05 +01:00
nbaars	13a4b69cbe	All lesson flags are displayed while running webgoat 8.0 standalone java file #430	2018-01-29 15:43:19 +01:00
nbaars	98efc1235f	By default binds to ALL network interfaces #431	2018-01-29 15:32:02 +01:00
nbaars	b99b554522	Version: docker 8.0.0.M9 Multiple users can't finalize the same lesson #432	2018-01-29 15:29:48 +01:00
nbaars	04ccf9a422	New release should create a new webgoat directory with version tag inside #423	2018-01-21 17:46:43 +01:00