Class DenySqlInjectionManagerAsync
java.lang.Object
org.kawanfw.sql.api.server.firewall.DefaultSqlFirewallManager
org.kawanfw.sql.api.server.firewall.DenySqlInjectionManagerAsync
- All Implemented Interfaces:
SqlFirewallManager
public class DenySqlInjectionManagerAsync extends DefaultSqlFirewallManager implements SqlFirewallManager
A firewall manager that allows detecting SQL asynchronously injection
attacks, using the third-party
Cloudmersive API:
Usage requires getting a Cloudmersive API key through a free or paying account creation at www.cloudmersive.com/pricing.
The Cloudmersive parameters (API key, detection level, ...) are stored in the
The file must be located in the same directory as the
The SQL injection detection is asynchronous: this means that
Note that because of the asynchronous behavior, a new
The
Usage requires getting a Cloudmersive API key through a free or paying account creation at www.cloudmersive.com/pricing.
The Cloudmersive parameters (API key, detection level, ...) are stored in the
cloudmersive.properties file that is loaded at the AceQL server
startup. The file must be located in the same directory as the
aceql.properties file used when starting the AceQL server.The SQL injection detection is asynchronous: this means that
allowSqlRunAfterAnalysis will always immediately return true
and that the result of the analysis will trigger later all
SqlFirewallTrigger defined in the aceql.properties file. Note that because of the asynchronous behavior, a new
Connection will
be extracted from the pool in order to process the
SqlFirewallTrigger.runIfStatementRefused(SqlEvent, SqlFirewallManager, Connection)
methods. The
Connection will be cleanly released after all calls.- Since:
- 11.0
- Author:
- Nicolas de Pomereu
- See Also:
DenySqlInjectionManager
-
Constructor Summary
Constructors Constructor Description DenySqlInjectionManagerAsync() -
Method Summary
Modifier and Type Method Description booleanallowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection)Allows detecting in background / asynchronously if Cloudmersive SQL injection detector accepts the SQL statement.Methods inherited from class org.kawanfw.sql.api.server.firewall.DefaultSqlFirewallManager
allowExecute, allowMetadataQuery, allowStatementClassMethods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.kawanfw.sql.api.server.firewall.SqlFirewallManager
allowExecute, allowMetadataQuery, allowStatementClass
-
Constructor Details
-
DenySqlInjectionManagerAsync
public DenySqlInjectionManagerAsync()
-
-
Method Details
-
allowSqlRunAfterAnalysis
public boolean allowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection) throws IOException, SQLExceptionAllows detecting in background / asynchronously if Cloudmersive SQL injection detector accepts the SQL statement. (TheallowSqlRunAfterAnalysiscall thus always returns immediatelytrue).- Specified by:
allowSqlRunAfterAnalysisin interfaceSqlFirewallManager- Overrides:
allowSqlRunAfterAnalysisin classDefaultSqlFirewallManager- Parameters:
sqlEvent- the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)connection- The current SQL/JDBCConnection- Returns:
true. No analysis is done so all SQL statements are authorized.- Throws:
IOException- if an IOException occursSQLException- if a SQLException occurs
-