Jetty with Servlets and JSP.
db/ db | 3 years ago | ||
gradle/ wrapper | 3 years ago | ||
src/ main | 3 years ago | ||
.gitignore | 3 years ago | ||
README.md | 3 years ago | ||
build.gradle | 2 years ago | ||
gradlew | 3 years ago | ||
gradlew.bat | 3 years ago | ||
injections.txt | 3 years ago | ||
schema.sql | 3 years ago |
The intention here is to have a self-contained project that has:
main
method.Basically, anything that we are likely to need for COMP210 and injection flaw demos.
The example application has simple form-based authentication and path-based authorisation via a filter. It currently has intentional SQL injection flaws.
Run with:
> gradle run
The application defaults to a context path of /shop
. The database is deployed in the WAR, so should be considered to be a disposable copy of the original database (the WAR is extracted into ${TEMP}
, so you can actually get at the deployed database file if really necessary).
The main method will start the H2 console for the deployed database.
The WAR file is actually being used when running the embedded server, but if you only want the WAR you can use:
> gradle war
It is generated in build/libs
The application should use whatever context path it ends up with once deployed.
The deployed DB will be opened in the H2 web console by default. As mentioned, this is a copy of the original DB that was embedded in the WAR file.
To work on the original version of the database (in the db/db
directory of the project) you can run the following:
> gradle db