Skip to content

Spring PetClinic modified to include vulnerabilities for the purpose of demonstrating the power of IAST and RASP.

Notifications You must be signed in to change notification settings

contrast-community/spring-petclinic

 
 

Repository files navigation

Vulnerable version of the venerable PetClinic

DepShield Badge

Spring PetClinic Sample Application Build Status

Understanding the Spring Petclinic application with a few diagrams

See the presentation here

Running petclinic locally

	git clone https://github.com/spring-projects/spring-petclinic.git
	cd spring-petclinic
	./mvnw spring-boot:run

You can then access petclinic here: http://localhost:8080/

petclinic-screenshot

In case you find a bug/suggested improvement for Spring Petclinic

Our issue tracker is available here: https://github.com/spring-projects/spring-petclinic/issues

Database configuration

In its default configuration, Petclinic uses an in-memory database (HSQLDB) which gets populated at startup with data. A similar setup is provided for MySql in case a persistent database configuration is needed. Note that whenever the database type is changed, the data-access.properties file needs to be updated and the mysql-connector-java artifact from the pom.xml needs to be uncommented.

You could start a MySql database with docker:

docker run -e MYSQL_ROOT_PASSWORD=petclinic -e MYSQL_DATABASE=petclinic -p 3306:3306 mysql:5.7.8

Working with Petclinic in Eclipse/STS

prerequisites

The following items should be installed in your system:

Note: when m2e is available, there is an m2 icon in Help -> About dialog. If m2e is not there, just follow the install process here: http://eclipse.org/m2e/download/

Steps:

  1. In the command line
git clone https://github.com/spring-projects/spring-petclinic.git
  1. Inside Eclipse
File -> Import -> Maven -> Existing Maven project

Looking for something in particular?

Spring Boot Configuration Class or Java property files
The Main Class PetClinicApplication
Properties Files application.properties
Caching CacheConfig

Interesting Spring Petclinic branches and forks

The Spring Petclinic master branch in the main spring-projects GitHub org is the "canonical" implementation, currently based on Spring Boot and Thymeleaf. There are quite a few forks in a special GitHub org spring-petclinic. If you have a special interest in a different technology stack that could be used to implement the Pet Clinic then please join the community there.

Link Main technologies
spring-framework-petclinic Spring Framework XML configuration, JSP pages, 3 persistence layers: JDBC, JPA and Spring Data JPA
javaconfig branch Same frameworks as the spring-framework-petclinic but with Java Configuration instead of XML
spring-petclinic-angularjs AngularJS 1.x, Spring Boot and Spring Data JPA
spring-petclinic-angular Angular 4 front-end of the Petclinic REST API [spring-petclinic-rest][]
spring-petclinic-microservices Distributed version of Spring Petclinic built with Spring Cloud
spring-petclinic-reactjs ReactJS (with TypeScript) and Spring Boot
spring-petclinic-graphql GraphQL version based on React Appolo, TypeScript and GraphQL Spring boot starter
spring-petclinic-kotlin Kotlin version of spring-petclinic
[spring-petclinic-rest][] Backend REST API

Interaction with other open source projects

One of the best parts about working on the Spring Petclinic application is that we have the opportunity to work in direct contact with many Open Source projects. We found some bugs/suggested improvements on various topics such as Spring, Spring Data, Bean Validation and even Eclipse! In many cases, they've been fixed/implemented in just a few days. Here is a list of them:

Name Issue
Spring JDBC: simplify usage of NamedParameterJdbcTemplate SPR-10256 and SPR-10257
Bean Validation / Hibernate Validator: simplify Maven dependencies and backward compatibility HV-790 and HV-792
Spring Data: provide more flexibility when working with JPQL queries DATAJPA-292

Contributing

The issue tracker is the preferred channel for bug reports, features requests and submitting pull requests.

For pull requests, editor preferences are available in the editor config for easy use in common text editors. Read more and download plugins at http://editorconfig.org. If you have not previously done so, please fill out and submit the https://cla.pivotal.io/sign/spring[Contributor License Agreement].

License

The Spring PetClinic sample application is released under version 2.0 of the Apache License.

About

Spring PetClinic modified to include vulnerabilities for the purpose of demonstrating the power of IAST and RASP.

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Java 81.9%
  • HTML 11.6%
  • CSS 6.5%