Package org.kawanfw.sql.api.server.firewall

Interface SqlFirewallManager

All Known Implementing Classes:
CsvRulesManager, CsvRulesManagerNoReload, DefaultSqlFirewallManager, DenyDatabaseWriteManager, DenyDclManager, DenyDdlManager, DenyExceptOnWhitelistManager, DenyMetadataQueryManager, DenyOnBlacklistManager, DenySqlInjectionManager, DenySqlInjectionManagerAsync, DenyStatementClassManager
public interface SqlFirewallManager
Interface that allows to define firewall rules for AceQL HTTP SQL calls.

Concrete implementations are defined in the aceql-server.properties file.

A concrete implementation should be developed on the server side in order to:
  • Define a specific piece of Java code to analyze the source code of the SQL statement before allowing or not it's execution.
  • Define if a client user has the right to call a Statement.execute (i.e. call a raw execute).
  • Define if a client user has the right to call a raw Statement that is not a PreparedStatement.
  • Define if a client user has the right to call a the AceQL Metadata API.

Multiple SqlFirewallManager may be defined and chained.
When SqlFirewallManager classes are chained, an AND condition is applied to all the SqlFirewallManager execution conditions in order to compute final allow.
For example, the allowExecuteUpdate() of each chained SqlFirewallManager instance must return true in order to allow updates of the database.

Note that the framework comes with a default SqlFirewallManager implementation that is *not* secured and should be extended: DefaultSqlFirewallManager.

Built in and ready to use classes that don't require any coding are included. The classes may be chained. See each Javadoc for more details:

TCL (Transaction Control Language) calls are always authorized.

Note that the helper class StatementAnalyzer allows to do some simple tests on the SQL statement string representation.

Since:
4.1
Author:
Nicolas de Pomereu

  • Method Summary

    Modifier and Type Method Description
    boolean allowExecute​(String username, String database, Connection connection)
    Allows to define if the passed username is allowed to call a raw JDBC Statement.execute.
    boolean allowMetadataQuery​(String username, String database, Connection connection)
    Says if the username is allowed call the Metadata Query API for the passed database.
    boolean allowSqlRunAfterAnalysis​(SqlEvent sqlEvent, Connection connection)
    Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
    If the analysis defined by the method returns false, the SQL statement won't be executed.
    boolean allowStatementClass​(String username, String database, Connection connection)
    Allows to define if the passed username is allowed to create and use a Statement instance that is not a PreparedStatement.

  • Method Details

    • allowSqlRunAfterAnalysis

      boolean allowSqlRunAfterAnalysis​(SqlEvent sqlEvent, Connection connection) throws IOException, SQLException
      Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
      If the analysis defined by the method returns false, the SQL statement won't be executed.
      Parameters:
      sqlEvent - the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)
      connection - The current SQL/JDBC Connection
      Returns:
      true if the analyzed statement or prepared statement is validated and authorized to run, else false

      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs

    • allowStatementClass

      boolean allowStatementClass​(String username, String database, Connection connection) throws IOException, SQLException
      Allows to define if the passed username is allowed to create and use a Statement instance that is not a PreparedStatement.
      Parameters:
      username - the client username to check the rule for
      database - the database name as defined in the JDBC URL field
      connection - The current SQL/JDBC Connection
      Returns:
      true if the user has the right to call a raw execute

      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs

    • allowExecute

      boolean allowExecute​(String username, String database, Connection connection) throws IOException, SQLException
      Allows to define if the passed username is allowed to call a raw JDBC Statement.execute.
      Parameters:
      username - the client username to check the rule for
      database - the database name as defined in the JDBC URL field
      connection - The current SQL/JDBC Connection
      Returns:
      true if the user has the right call a database update statement
      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs

    • allowMetadataQuery

      boolean allowMetadataQuery​(String username, String database, Connection connection) throws IOException, SQLException
      Says if the username is allowed call the Metadata Query API for the passed database.
      Parameters:
      username - the client username to check the rule for
      database - the database name as defined in the JDBC URL field
      connection - The current SQL/JDBC Connection
      Returns:
      true if the user has the right to call the Metadata Query API, else false
      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs