Deploying the AcuSensor agent for JAVA - Docker & WAR File
🔍 AcuSensor Network PreRequisites |
AcuSensor makes use of the AcuSensor Bridge. Read more information here. |
The AcuSensor agent will need to be deployed to your Docker container. This section describes how to deploy AcuSensor together with your web application into a Docker container.
The Java AcuSensor requires:
- Deploying aspectjweaver.jar into your web server - provides the integration required for AcuSensor to work with your application
- Deploying the Acunetix Java AcuSensor into your web server - this is unique for each Target, and can be downloaded by using the Download JAVA AcuSensor button
- Configuring your web server to use Load Time Weaving (AspectJWeaver)
Assumptions for this document
- This document assumes that you will be using version 1.9.5 (latest at time of writing) of AspectJWeaver.
- This document assumes that you are logged into the docker host as root, and that all files for this web application will be kept in the folder "/root/mywar/"
- This document assumes the URL for your WAR web application will be http://<mydockerhostipaddress>:8080/helloworld/
Prepare Folder for Spring Boot Docker deployment
On the docker host, run the following command:
- mkdir /root/mywar/
Preparing AspectJWeaver for your container
To download and deploy AspectJWeaver, run the following commands:
- cd /root/mywar/
- wget -c https://repo1.maven.org/maven2/org/aspectj/aspectjweaver/1.9.5/aspectjweaver-1.9.5.jar
- mv aspectjweaver-1.9.5.jar aspectjweaver.jar
Preparing AcuSensor for your container
- Create a Target in your Acunetix UI for the exact URL of your new web application (for this example: http://<mydockerhostipaddress>:8080/helloworld/ )
- Download the Acunetix JAVA AcuSensor for your web application target from the Acunetix UI
- Copy the Acunetix JAVA AcuSensor (AcuSensor.jar) to the docker host into folder /root/mywar/
Preparing Environment Variables for Tomcat to use AcuSensor
- Run the following command on the docker host:
- nano /root/mywar/setenv.sh
- This will create a new file. Add this line to the "setenv.sh" file:
JAVA_OPTS="$JAVA_OPTS -javaagent:/usr/local/tomcat/lib/aspectjweaver.jar -Dacusensor.debug.log=ON" |
Note: The parameter "-Dacusensor.debug.log=ON" is optional, and should ONLY be used for troubleshooting purposes. If this parameter is retained, this will output AcuSensor logging as additional lines in the Tomcat logs starting with "[Acunetix-debug]".
- Exit nano and save the changes to the "setenv.sh" file.
Preparing your web application for your container
- Build your application called, for example, HelloWorld.war
- Copy the HelloWorld.war file to the docker host folder /root/mywar/
Create Dockerfile for your web application
- To create and edit your Dockerfile, run the following command:
- nano /root/mywar/Dockerfile
- Edit the contents of your Dockerfile to show the following:
FROM tomcat:9.0-alpine COPY AcuSensor.jar /usr/local/tomcat/lib/AcuSensor.jar COPY aspectjweaver.jar /usr/local/tomcat/lib/aspectjweaver.jar COPY HelloWorld.war /usr/local/tomcat/webapps/helloworld.war EXPOSE 8080 CMD ["catalina.sh", "run"] |
- Save the Dockerfile and exit the nano editor
Build your Docker Image and Start a Container based on the Image
On the docker host, run the following commands:
- cd /root/mywar/
- docker build -t mywar:test .
- docker run --publish:8080:8080 --detach --name mywar mywar:test
Confirm your new Web Application works by pointing your browser to your docker container:
http://<mydockerhostipaddress>:8080/helloworld |
Congratulations! You are now ready to scan your web application with Acunetix.
