ant-zap-build.xml
157 views
Skip to first unread message
Shruti Kulkarni
Feb 14, 2017, 7:20:17 AM2/14/17
to OWASP ZAP User Group
Hello,
I have been trying to use ant-zap-build.xml with ZAP to automate continuous testing. But ant-zap-build.xml does not build correctly. I get the following error messages:
BUILD FAILED
C:\User1\Ant\apache-ant-1.10.1\bin\build.xml:19: taskdef class org.zaproxy.clie
ntapi.ant.AccessUrlTask cannot be found
using the classloader AntClassLoader[C:\User1\Ant\apache-ant-1.10.1\lib\zap.ja
r]
at org.apache.tools.ant.taskdefs.Definer.addDefinition(Definer.java:607)
at org.apache.tools.ant.taskdefs.Definer.execute(Definer.java:237)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:293)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.jav
a:106)
at org.apache.tools.ant.Task.perform(Task.java:348)
at org.apache.tools.ant.Target.execute(Target.java:435)
at org.apache.tools.ant.helper.ProjectHelper2.parse(ProjectHelper2.java:
180)
at org.apache.tools.ant.ProjectHelper.configureProject(ProjectHelper.jav
a:93)
at org.apache.tools.ant.Main.runBuild(Main.java:832)
at org.apache.tools.ant.Main.startAnt(Main.java:236)
at org.apache.tools.ant.launch.Launcher.run(Launcher.java:287)
at org.apache.tools.ant.launch.Launcher.main(Launcher.java:113)
Caused by: java.lang.ClassNotFoundException: org.zaproxy.clientapi.ant.AccessUrl
Task
at org.apache.tools.ant.AntClassLoader.findClassInComponents(AntClassLoa
der.java:1384)
at org.apache.tools.ant.AntClassLoader.findClass(AntClassLoader.java:133
3)
at org.apache.tools.ant.AntClassLoader.loadClass(AntClassLoader.java:108
8)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at org.apache.tools.ant.taskdefs.Definer.addDefinition(Definer.java:579)
... 15 more
Total time: 0 seconds
I downloaded the ant-zap-build.xml from:
And I have followed instructions for ZAP-ANT integration from this link:
Please can someone help me with this?
Thank you,
Shruti
kingthorin+owaspzap
Feb 14, 2017, 8:05:39 AM2/14/17
to OWASP ZAP User Group
Looks like you missed step 3a.
thc...@gmail.com
Feb 14, 2017, 9:24:20 AM2/14/17
to zaprox...@googlegroups.com
Actually, that step is outdated. The zap.jar no longer includes the API
client.
The jars that need to be in the classpath are:
- zap-clientapi-ant
- zap-api
Both available from:
https://github.com/zaproxy/zap-api-java/releases
Best regards.
client.
The jars that need to be in the classpath are:
- zap-clientapi-ant
- zap-api
Both available from:
https://github.com/zaproxy/zap-api-java/releases
Best regards.
Shruti Kulkarni
Feb 14, 2017, 10:14:27 AM2/14/17
to OWASP ZAP User Group
Many thanks for your responses. I have downloaded the jar files
Please can you let me know if I need to make any changes to the build.xml file? or can I use it as it is available in the following link:
Kind Regards,
Shruti
Shruti Kulkarni
Feb 14, 2017, 10:49:13 AM2/14/17
to OWASP ZAP User Group
I tried using the build.xml file mentioned in the link below
and I get the following errors now: (I know the error message says "Connection refused", but I am able to scan the application from ZAP UI)
BUILD FAILED
C:\User1\Ant\apache-ant-1.10.1\bin\build.xml:81: org.zaproxy.clientapi.core.Cli
entApiException: java.net.ConnectException: Connection refused: connect
at org.zaproxy.clientapi.core.ClientApi.accessUrlViaProxy(ClientApi.java
:283)
at org.zaproxy.clientapi.core.ClientApi.accessUrl(ClientApi.java:126)
at org.zaproxy.clientapi.ant.AccessUrlTask.execute(AccessUrlTask.java:31
)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:293)
at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.jav
a:106)
at org.apache.tools.ant.Task.perform(Task.java:348)
at org.apache.tools.ant.Target.execute(Target.java:435)
at org.apache.tools.ant.Target.performTasks(Target.java:456)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1405)
at org.apache.tools.ant.Project.executeTarget(Project.java:1376)
at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExe
cutor.java:41)
at org.apache.tools.ant.Project.executeTargets(Project.java:1260)
at org.apache.tools.ant.Main.runBuild(Main.java:857)
at org.apache.tools.ant.Main.startAnt(Main.java:236)
at org.apache.tools.ant.launch.Launcher.run(Launcher.java:287)
at org.apache.tools.ant.launch.Launcher.main(Launcher.java:113)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient$1.run(Unknown Source)
at sun.net.www.http.HttpClient$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.net.www.http.HttpClient.privilegedOpenServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewH
ttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(Unknown Sou
rce)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Sour
ce)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Sou
rce)
at org.zaproxy.clientapi.core.ClientApi.accessUrlViaProxy(ClientApi.java
:262)
... 18 more
Total time: 22 seconds
Please can someone help?
Kind Regards,
Shruti
thc...@gmail.com
Feb 15, 2017, 3:25:19 AM2/15/17
to zaprox...@googlegroups.com
In which port is ZAP listening? Which port was defined in the build file?
Seems that the client is not able to connect to ZAP (if ZAP was started
from the build file you need to ensure that it's fully started before
connecting to it).
Best regards.
On 14/02/17 15:49, Shruti Kulkarni wrote:
> I tried using the build.xml file mentioned in the link below
>
> https://github.com/impeccable-tester/SecurityTesting/blob/master/Automated%20Security%20Testing/ant-zap-build.xml
> <https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fimpeccable-tester%2FSecurityTesting%2Fblob%2Fmaster%2FAutomated%2520Security%2520Testing%2Fant-zap-build.xml&sa=D&sntz=1&usg=AFQjCNHNVFFckXVqmwGpzRlE-EsEkuLJpQ>
>> <https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fimpeccable-tester%2FSecurityTesting%2Fblob%2Fmaster%2FAutomated%2520Security%2520Testing%2Fant-zap-build.xml&sa=D&sntz=1&usg=AFQjCNHNVFFckXVqmwGpzRlE-EsEkuLJpQ>
Seems that the client is not able to connect to ZAP (if ZAP was started
from the build file you need to ensure that it's fully started before
connecting to it).
Best regards.
On 14/02/17 15:49, Shruti Kulkarni wrote:
> I tried using the build.xml file mentioned in the link below
>
> https://github.com/impeccable-tester/SecurityTesting/blob/master/Automated%20Security%20Testing/ant-zap-build.xml
Reply all
Reply to author
Forward
0 new messages