Kwwebappscan

kwwebappscan scans a directory for Web applications and creates a build specification.

Usage

kwwebappscan [options] <directory_to_scan> <output_build_specification_file>

where

  • [options] are any of the options from the table below. If no options are specified, kwwebappscan uses the Apache Tomcat 8.5.87 application server packaged with Klocwork.
  • <directory_to_scan> is the directory containing Web applications
  • <output_build_specification_file> is the name for the output build specification file

Example

Apache Tomcat 8 is installed at C:\test\tomcat_8.5.87, and the webgoat.war file has been unpacked to C:\test\webgoat.war.unpacked. The following command creates a build specification for the unpacked webgoat:

kwwebappscan --appserver-name tomcat_8_5 --appserver-location C:\test\tomcat_8.5.87 C:\test\webgoat.war.unpacked buildspec1.out

Options

Name (and short name) Description
--help (-h) display this help
--version (-v) display version information
--appserver-name <server-name> name of the third-party application server that will perform the JSP compilation. Supported application servers:
  • Apache Tomcat 7.0 ("--appserver-name tomcat_7_0")
  • Apache Tomcat 8.5 ("--appserver-name tomcat_8_5")
  • BEA Weblogic 10.0 ("--appserver-name weblogic_10_0")
--appserver-location <server-path> location of the application server that will perform JSP compilation. Specify the root directory of your application server installation (the directory containing the bin directory for your application server).
--extra-classpath <string> provides an extra classpath to the analysis engine. Specify the path to any additional jar files to ensure defects with cross-module dependencies are passed to java analysis.