org.kawanfw.sql.api.server.firewall.DefaultSqlFirewallManager

org.kawanfw.sql.api.server.firewall.DenyDatabaseWriteManager

All Implemented Interfaces:: SqlFirewallManager

public class DenyDatabaseWriteManager
extends DefaultSqlFirewallManager
implements SqlFirewallManager

Firewall manager that denies any update of the database for the passed user. The database is thus guaranteed to be accessed in read only from client side.
DenyDatabaseWriteManager should be used only in order to monitor users who try to force writes on database.
If you don't need to monitor users and detect hackers, it's better to set the property database.defaultReadOnly=true in the aceql-server.properties file: it will launch a Connection.setReadOnly(boolean) JDBC call at server startup that will write-protect efficiently the SQL database.

Since:: 11.0
Author:: Nicolas de Pomereu

Constructor Summary

Constructors

Constructor Description

DenyDatabaseWriteManager()

Method Summary

Modifier and Type	Method	Description
`boolean`	`allowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection)`	Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server. If the analysis defined by the method returns false, the SQL statement won't be executed.

Methods inherited from class org.kawanfw.sql.api.server.firewall.DefaultSqlFirewallManager

allowExecute, allowMetadataQuery, allowStatementClass

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.kawanfw.sql.api.server.firewall.SqlFirewallManager

allowExecute, allowMetadataQuery, allowStatementClass

Constructor Details
- DenyDatabaseWriteManager
  
  public DenyDatabaseWriteManager()
Method Details
- allowSqlRunAfterAnalysis
  
  public boolean allowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection) throws IOException, SQLException
  
  Description copied from interface: SqlFirewallManager
  
  Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
  If the analysis defined by the method returns false, the SQL statement won't be executed.
  
  Specified by:
  
  allowSqlRunAfterAnalysis in interface SqlFirewallManager
  
  Overrides:
  
  allowSqlRunAfterAnalysis in class DefaultSqlFirewallManager
  
  Parameters:
  
  sqlEvent - the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)
  
  connection - The current SQL/JDBC Connection
  
  Returns:
  
  false if the passed SQL statement tries to update the database, else true
  
  Throws:
  
  IOException - if an IOException occurs
  
  SQLException - if a SQLException occurs

Class DenyDatabaseWriteManager

Constructor Summary

Method Summary

Methods inherited from class org.kawanfw.sql.api.server.firewall.DefaultSqlFirewallManager

Methods inherited from class java.lang.Object

Methods inherited from interface org.kawanfw.sql.api.server.firewall.SqlFirewallManager

Constructor Details

DenyDatabaseWriteManager

Method Details

allowSqlRunAfterAnalysis