Class DenyDatabaseWriteManager

All Implemented Interfaces:

public class DenyDatabaseWriteManager
extends DefaultSqlFirewallManager
implements SqlFirewallManager
Firewall manager that denies any update of the database for the passed user. The database is thus guaranteed to be accessed in read only from client side.
DenyDatabaseWriteManager should be used only in order to monitor users who try to force writes on database.
If you don't need to monitor users and detect hackers, it's better to set the property database.defaultReadOnly=true in the file: it will launch a Connection.setReadOnly(boolean) JDBC call at server startup that will write-protect efficiently the SQL database.
Nicolas de Pomereu
  • Constructor Details

    • DenyDatabaseWriteManager

      public DenyDatabaseWriteManager()
  • Method Details

    • allowSqlRunAfterAnalysis

      public boolean allowSqlRunAfterAnalysis​(SqlEvent sqlEvent, Connection connection) throws IOException, SQLException
      Description copied from interface: SqlFirewallManager
      Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
      If the analysis defined by the method returns false, the SQL statement won't be executed.
      Specified by:
      allowSqlRunAfterAnalysis in interface SqlFirewallManager
      allowSqlRunAfterAnalysis in class DefaultSqlFirewallManager
      sqlEvent - the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)
      connection - The current SQL/JDBC Connection
      false if the passed SQL statement tries to update the database, else true
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs