Class DenyStatementClassManager
java.lang.Object
org.kawanfw.sql.api.server.firewall.DenyStatementClassManager
- All Implemented Interfaces:
SqlFirewallManager
public class DenyStatementClassManager extends Object implements SqlFirewallManager
Firewall manager that denies any call of the raw
Statement
class. (Calling Statements without parameters is forbidden).- Since:
- 4.0
- Author:
- Nicolas de Pomereu
-
Constructor Summary
Constructors Constructor Description DenyStatementClassManager() -
Method Summary
Modifier and Type Method Description booleanallowMetadataQuery(String username, String database, Connection connection)Says if the username is allowed call the Metadata Query API for the passed database.booleanallowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection)Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
If the analysis defined by the method returns false, the SQL statement won't be executed.booleanallowStatementClass(String username, String database, Connection connection)Allows to define if the passed username is allowed to create and use aStatementinstance that is not aPreparedStatement.
-
Constructor Details
-
DenyStatementClassManager
public DenyStatementClassManager()
-
-
Method Details
-
allowStatementClass
public boolean allowStatementClass(String username, String database, Connection connection) throws IOException, SQLExceptionDescription copied from interface:SqlFirewallManagerAllows to define if the passed username is allowed to create and use aStatementinstance that is not aPreparedStatement.- Specified by:
allowStatementClassin interfaceSqlFirewallManager- Parameters:
username- the client username to check the rule fordatabase- the database name as defined in the JDBC URL fieldconnection- The current SQL/JDBCConnection- Returns:
false. (Nobody is allowed to create rawStatement, i.e. call statements without parameters.)- Throws:
IOException- if an IOException occursSQLException- if a SQLException occurs
-
allowSqlRunAfterAnalysis
public boolean allowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection) throws IOException, SQLExceptionDescription copied from interface:SqlFirewallManagerAllows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
If the analysis defined by the method returns false, the SQL statement won't be executed.- Specified by:
allowSqlRunAfterAnalysisin interfaceSqlFirewallManager- Parameters:
sqlEvent- the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)connection- The current SQL/JDBCConnection- Returns:
true. No analysis is done so all SQL statements are authorized.- Throws:
IOException- if an IOException occursSQLException- if a SQLException occurs
-
allowMetadataQuery
public boolean allowMetadataQuery(String username, String database, Connection connection) throws IOException, SQLExceptionDescription copied from interface:SqlFirewallManagerSays if the username is allowed call the Metadata Query API for the passed database.- Specified by:
allowMetadataQueryin interfaceSqlFirewallManager- Parameters:
username- the client username to check the rule fordatabase- the database name as defined in the JDBC URL fieldconnection- The current SQL/JDBCConnection- Returns:
true. (Client programs will be allowed to call the Metadata Query API).- Throws:
IOException- if an IOException occursSQLException- if a SQLException occurs
-