Interface SqlFirewallManager

All Known Implementing Classes:
CsvRulesManager, CsvRulesManagerNoReload, DefaultSqlFirewallManager, DenyDclManager, DenyDdlManager, DenyExecuteUpdateManager, DenyMetadataQueryManager, DenyStatementClassManager, DenyTclManager

public interface SqlFirewallManager
Interface that allows to define firewall rules for AceQL HTTP SQL calls.
Concrete implementations are defined in aceql-server.properties.

A concrete implementation should be developed on the server side in order to:
  • Define if a client user has the right to call a Statement.execute (i.e. call a raw execute).
  • Define if a client user has the right to call a Statement.executeUpdate (i.e. call a statement that updates the database).
  • Define if a client user has the right to call a raw Statement that is not a PreparedStatement.
  • Define if a client user has the right to call a the AceQL Metadata API.
  • Define a specific piece of Java code to analyze the source code of the SQL statement before allowing or not it's execution.

Multiple SqlFirewallManager may be defined and chained.

Note that the framework comes with a default SqlFirewallManager implementation that is *not* secured and should be extended: DefaultSqlFirewallManager.

Built in and ready to use classes that don't require any coding are included. The classes may be chained. See each Javadoc for more details:

Note that the helper class StatementAnalyzer allows to do some simple tests on the SQL statement string representation.

Since:
4.1
Author:
Nicolas de Pomereu
  • Method Summary

    Modifier and Type Method Description
    boolean allowExecute​(String username, String database, Connection connection)
    Allows to define if the passed username is allowed to call a raw JDBC Statement.execute.
    boolean allowExecuteUpdate​(String username, String database, Connection connection)
    Allows to define if the passed username is allowed to call a statement that updates the database.
    boolean allowMetadataQuery​(String username, String database, Connection connection)
    Says if the username is allowed call the Metadata Query API for the passed database.
    boolean allowSqlRunAfterAnalysis​(SqlEvent sqlEvent, Connection connection)
    Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
    If the analysis defined by the method returns false, the SQL statement won't be executed.
    boolean allowStatementClass​(String username, String database, Connection connection)
    Allows to define if the passed username is allowed to create and use a Statement instance that is not a PreparedStatement.
    void runIfStatementRefused​(SqlEvent sqlEvent, Connection connection)
    Allows to implement specific a Java rule immediately after a SQL statement described by a SqlEvent has been refused because one of the SqlFirewallManager.allowXxx method returned false.
  • Method Details

    • allowMetadataQuery

      boolean allowMetadataQuery​(String username, String database, Connection connection) throws IOException, SQLException
      Says if the username is allowed call the Metadata Query API for the passed database.
      Parameters:
      username - the client username to check the rule for
      database - the database name as defined in the JDBC URL field
      connection - The current SQL/JDBC Connection
      Returns:
      true if the user has the right to call the Metadata Query API, else false
      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs
    • allowStatementClass

      boolean allowStatementClass​(String username, String database, Connection connection) throws IOException, SQLException
      Allows to define if the passed username is allowed to create and use a Statement instance that is not a PreparedStatement.
      Parameters:
      username - the client username to check the rule for
      database - the database name as defined in the JDBC URL field
      connection - The current SQL/JDBC Connection
      Returns:
      true if the user has the right to call a raw execute

      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs
    • allowSqlRunAfterAnalysis

      boolean allowSqlRunAfterAnalysis​(SqlEvent sqlEvent, Connection connection) throws IOException, SQLException
      Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
      If the analysis defined by the method returns false, the SQL statement won't be executed.
      Parameters:
      sqlEvent - the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)
      connection - The current SQL/JDBC Connection
      Returns:
      true if the analyzed statement or prepared statement is validated and authorized to run, else false

      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs
    • allowExecute

      boolean allowExecute​(String username, String database, Connection connection) throws IOException, SQLException
      Allows to define if the passed username is allowed to call a raw JDBC Statement.execute.
      Parameters:
      username - the client username to check the rule for
      database - the database name as defined in the JDBC URL field
      connection - The current SQL/JDBC Connection
      Returns:
      true if the user has the right call a database update statement
      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs
    • allowExecuteUpdate

      boolean allowExecuteUpdate​(String username, String database, Connection connection) throws IOException, SQLException
      Allows to define if the passed username is allowed to call a statement that updates the database.
      Parameters:
      username - the client username to check the rule for
      database - the database name as defined in the JDBC URL field
      connection - The current SQL/JDBC Connection
      Returns:
      true if the user has the right call a database update statement
      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs
    • runIfStatementRefused

      void runIfStatementRefused​(SqlEvent sqlEvent, Connection connection) throws IOException, SQLException
      Allows to implement specific a Java rule immediately after a SQL statement described by a SqlEvent has been refused because one of the SqlFirewallManager.allowXxx method returned false.

      Examples:
      • Delete the user from the username SQL table so that he never comes back.
      • Log the IP address.
      • Log the info.
      • Send an alert message/email to a Security Officer.
      • Etc.

      Parameters:
      sqlEvent - the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details).
      connection - The current SQL/JDBC Connection
      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs