Class DenyStatementClassManager

java.lang.Object
org.kawanfw.sql.api.server.firewall.DenyStatementClassManager
All Implemented Interfaces:
SqlFirewallManager

public class DenyStatementClassManager
extends Object
implements SqlFirewallManager
Firewall manager that denies any call of the raw Statement class. (Calling Statements without parameters is forbidden).
Since:
4.0
Author:
Nicolas de Pomereu
  • Constructor Details

    • DenyStatementClassManager

      public DenyStatementClassManager()
  • Method Details

    • allowStatementClass

      public boolean allowStatementClass​(String username, String database, Connection connection) throws IOException, SQLException
      Description copied from interface: SqlFirewallManager
      Allows to define if the passed username is allowed to create and use a Statement instance that is not a PreparedStatement.
      Specified by:
      allowStatementClass in interface SqlFirewallManager
      Parameters:
      username - the client username to check the rule for
      database - the database name as defined in the JDBC URL field
      connection - The current SQL/JDBC Connection
      Returns:
      false. (Nobody is allowed to create raw Statement, i.e. call statements without parameters.)
      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs
    • allowSqlRunAfterAnalysis

      public boolean allowSqlRunAfterAnalysis​(SqlEvent sqlEvent, Connection connection) throws IOException, SQLException
      Description copied from interface: SqlFirewallManager
      Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
      If the analysis defined by the method returns false, the SQL statement won't be executed.
      Specified by:
      allowSqlRunAfterAnalysis in interface SqlFirewallManager
      Parameters:
      sqlEvent - the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)
      connection - The current SQL/JDBC Connection
      Returns:
      true. No analysis is done so all SQL statements are authorized.
      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs
    • allowMetadataQuery

      public boolean allowMetadataQuery​(String username, String database, Connection connection) throws IOException, SQLException
      Description copied from interface: SqlFirewallManager
      Says if the username is allowed call the Metadata Query API for the passed database.
      Specified by:
      allowMetadataQuery in interface SqlFirewallManager
      Parameters:
      username - the client username to check the rule for
      database - the database name as defined in the JDBC URL field
      connection - The current SQL/JDBC Connection
      Returns:
      true. (Client programs will be allowed to call the Metadata Query API).
      Throws:
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs