Interface SqlFirewallTrigger
- All Known Implementing Classes:
BanUserSqlFirewallTrigger
,BeeperSqlFirewallTrigger
,JdbcLoggerSqlFirewallTrigger
,JsonLoggerSqlFirewallTrigger
public interface SqlFirewallTrigger
Interface that allows to define a trigger if for the specified
Concrete implementations are defined in the
Multiple
When
SqlFirewallManager
the allowSqlRunAfterAnalysis()
method call
returns false
. Concrete implementations are defined in the
aceql-server.properties
file.
Multiple
SqlFirewallTrigger
may be defined and chained in property
value by separating class names by a comma. When
SqlFirewallTrigger
classes are chained, all of them are
successively executed in the declared order.
Note that the framework comes with a default SqlFirewallTrigger
implementation that does nothing.
Built in and ready to use classes that don't require any coding are included. The classes may be chained. See each Javadoc for more details:
BanUserSqlFirewallTrigger
: a trigger that inserts the username and other info into a SQL table. The SQL table is scanned/controlled at each request, so the banned user cannot access any more the AceQL server.BeeperSqlFirewallTrigger
: a trigger that simply beeps on the terminal if an attack is detected by aSqlFirewallManager
.JdbcLoggerSqlFirewallTrigger
: a trigger that logs into a SQL table all info about the denied SQL request.JsonLoggerSqlFirewallTrigger
: a trigger that logs in JSON format all info about the denied SQL request.
- Since:
- 11.0
- Author:
- Nicolas de Pomereu
-
Method Summary
Modifier and Type Method Description void
runIfStatementRefused(SqlEvent sqlEvent, SqlFirewallManager sqlFirewallManager, Connection connection)
Allows to implement specific a Java rule immediately after a SQL statement described by a SqlEvent has been refused because one of theSqlFirewallManager.allowXxx
method returned false.
-
Method Details
-
runIfStatementRefused
void runIfStatementRefused(SqlEvent sqlEvent, SqlFirewallManager sqlFirewallManager, Connection connection) throws IOException, SQLExceptionAllows to implement specific a Java rule immediately after a SQL statement described by a SqlEvent has been refused because one of theSqlFirewallManager.allowXxx
method returned false.
Examples:- Delete the user from the username SQL table so that he never comes back.
- Log the IP address.
- Log the info.
- Send an alert message/email to a Security Officer.
- Etc.
- Parameters:
sqlEvent
- the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details).sqlFirewallManager
- the instance that triggers this call.connection
- The current SQL/JDBCConnection
- Throws:
IOException
- if an IOException occursSQLException
- if a SQLException occurs
-