crypto-and-injection-project /
# Jetty With The Works

The intention here is to have a self-contained project that has:

* Servlet support.
* Filter support.
* Annotation based configuration for servlets and filters.
* JSP support.
* JSP fragment support.
* An embedded H2 database.
* An embedded Jetty server that runs the entire application from a `main` method.
* Generation of a WAR file that can be deployed to Tomcat if necessary.
* Everything can be done via Gradle.

Basically, anything that we are likely to need for COMP210 and injection flaw demos.

The example application has simple form-based authentication and path-based authorisation via a filter.  It currently
has intentional SQL injection flaws.

## Running

Run with:

> gradle run

The application defaults to a context path of `/shop`.  The database is deployed in the WAR, so should be considered 
to be a disposable copy of the original database (the WAR is extracted into `${TEMP}`, so you can actually get
at the deployed database file if really necessary).

The main method will start the H2 console for the deployed database.

## Generate WAR file

The WAR file is actually being used when running the embedded server, but if you only want the WAR you can use:

> gradle war

It is generated in `build/libs`

The application should use whatever context path it ends up with once deployed.

## Database Access

The deployed DB will be opened in the H2 web console by default.  As mentioned, this is a copy of the original DB that
was embedded in the WAR file.

To work on the original version of the database (in the `db/db` directory of the project) you can run the following:

> gradle db