Class DenySqlInjectionManager
java.lang.Object
org.kawanfw.sql.api.server.firewall.DefaultSqlFirewallManager
org.kawanfw.sql.api.server.firewall.DenySqlInjectionManager
- All Implemented Interfaces:
SqlFirewallManager
public class DenySqlInjectionManager extends DefaultSqlFirewallManager implements SqlFirewallManager
A firewall manager that allows detecting SQL injection attacks, using the
third-party Cloudmersive API:
Usage requires getting a Cloudmersive API key through a free or paying account creation at www.cloudmersive.com/pricing.
The Cloudmersive parameters (API key, detection level, ...) are stored in the cloudmersive.properties file that is loaded at the AceQL server startup. The file must be located in the same directory as the aceql.properties file used when starting the AceQL server.
Note that SQL injections are detected synchronously, which will slow down the SQL calls. The DenySqlInjectionManagerAsync SQLFirewallManager is provided for asynchronous detection.
- Since:
- 11.0
- Author:
- Nicolas de Pomereu
- See Also:
DenySqlInjectionManagerAsync
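The file-placement requirement above can be checked before the AceQL server is started. The following is an added example, not part of the AceQL documentation or code base: the function name and return codes are constructed for illustration, and the permission check is an assumption of this example (the page only states that the file holds the API key).

```sh
#!/bin/sh
# Added example: pre-start check for the Cloudmersive settings file.
# Return codes (constructed for this example):
#   0 = OK
#   1 = aceql.properties not found
#   2 = cloudmersive.properties is not in the same directory
#   3 = cloudmersive.properties is accessible to group or others
check_cloudmersive_config() {
    aceql_props=$1
    if [ ! -f "$aceql_props" ]; then
        echo "aceql.properties not found: $aceql_props" >&2
        return 1
    fi
    # Resolve the directory that holds aceql.properties.
    conf_dir=$(cd "$(dirname "$aceql_props")" && pwd) || return 1
    cm_props="$conf_dir/cloudmersive.properties"
    if [ ! -f "$cm_props" ]; then
        echo "missing $cm_props (must sit beside aceql.properties)" >&2
        return 2
    fi
    # Characters 5-10 of the ls mode string are the group and other bits.
    # Assumption of this example: a file holding an API key should be
    # readable by the server account only (for instance mode 600).
    mode_bits=$(ls -ld "$cm_props" | cut -c5-10)
    if [ "$mode_bits" != "------" ]; then
        echo "$cm_props is accessible to group/others; restrict it" >&2
        return 3
    fi
    echo "OK: $cm_props"
    return 0
}

# Usage: sh check_cloudmersive.sh /path/to/aceql.properties
[ "$#" -eq 0 ] || check_cloudmersive_config "$1"
```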
-
Constructor Summary
Constructors
Constructor: DenySqlInjectionManager()
-
Method Summary
Modifier and Type: boolean
Method: allowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection)
Description: Says if Cloudmersive SQL injection detector accepts the SQL statement.
Methods inherited from class org.kawanfw.sql.api.server.firewall.DefaultSqlFirewallManager
allowExecute, allowMetadataQuery, allowStatementClass
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.kawanfw.sql.api.server.firewall.SqlFirewallManager
allowExecute, allowMetadataQuery, allowStatementClass
-
Constructor Details
-
DenySqlInjectionManager
public DenySqlInjectionManager()
-
-
Method Details
-
allowSqlRunAfterAnalysis
public boolean allowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection) throws IOException, SQLException
Says if Cloudmersive SQL injection detector accepts the SQL statement.
- Specified by:
allowSqlRunAfterAnalysis in interface SqlFirewallManager
- Overrides:
allowSqlRunAfterAnalysis in class DefaultSqlFirewallManager
- Parameters:
sqlEvent - the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)
connection - The current SQL/JDBC Connection
- Returns:
true. No analysis is done so all SQL statements are authorized.
- Throws:
IOException - if an IOException occurs
SQLException - if a SQLException occurs
-