e748aa0e90
git-svn-id: http://webgoat.googlecode.com/svn/trunk@109 4033779f-a91e-0410-96ef-6bf7bf53c507
36 lines
1.5 KiB
Plaintext
36 lines
1.5 KiB
Plaintext
===============================================================
|
|
Installing WebGoat WAR file into a Standard Tomcat Installation
|
|
|
|
Help: Mail List - http://lists.owasp.org/mailman/listinfo/owasp-webgoat
|
|
Email - webgoat@g2-inc.com
|
|
===============================================================
|
|
|
|
To do this, you'll need to configure server.xml and tomcat-users.xml a bit.
|
|
Basically, you'll want to change the port number in server.xml to 80 (or just stick with 8080).
|
|
WebGoat also has some specific users and roles that it uses which are defined in tomcat-users.xml.
|
|
|
|
- Add the following users and roles to tomcat-users.xml in tomcat/conf directory
|
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
<tomcat-users>
|
|
<role rolename="webgoat_basic"/>
|
|
<role rolename="webgoat_admin"/>
|
|
<role rolename="webgoat_user"/>
|
|
<role rolename="tomcat"/>
|
|
<user password="webgoat" roles="webgoat_admin" username="webgoat"/>
|
|
<user password="basic" roles="webgoat_user,webgoat_basic" username="basic"/>
|
|
<user password="tomcat" roles="tomcat" username="tomcat"/>
|
|
<user password="guest" roles="webgoat_user" username="guest"/>
|
|
</tomcat-users>
|
|
|
|
|
|
This is explained in the readme.txt file in the root directory.
|
|
|
|
If you do not rename the war file to WebGoat.war you will need to
|
|
browse to:
|
|
|
|
http://localhost/WebGoat-VERSION_NUM/attack
|
|
|
|
Let us know if you are still having problems at the WebGoat mailing list: http://lists.owasp.org/mailman/listinfo/owasp-webgoat
|
|
or by sending email to WebGoat@g2-inc.com
|