Interface SqlFirewallManager
- All Known Implementing Classes:
CsvRulesManager,CsvRulesManagerNoReload,DenyDatabaseWriteManager,DenyDclManager,DenyDdlManager,DenyExceptOnWhitelistManager,DenyMetadataQueryManager,DenyOnBlacklistManager,DenySqlInjectionManager,DenySqlInjectionManagerAsync,DenyStatementClassManager
public interface SqlFirewallManager
Interface that allows to define firewall rules for AceQL HTTP SQL calls.
Concrete implementations are defined in the
A concrete implementation should be developed on the server side in order to:
Concrete implementations are defined in the
aceql-server.properties
file. A concrete implementation should be developed on the server side in order to:
- Define a specific piece of Java code to analyze the source code of the SQL statement before allowing or not it's execution.
- Define if a client user has the right to call a
Statement.execute(i.e. call a raw execute). - Define if a client user has the right to call a raw
Statementthat is not aPreparedStatement. - Define if a client user has the right to call a the AceQL Metadata API.
Multiple SqlFirewallManager may be defined and chained.
When SqlFirewallManager classes are chained, an AND condition
is applied to all the SqlFirewallManager execution conditions in order to
compute final allow.
For example, the allowExecuteUpdate() of each chained
SqlFirewallManager instance must return true in order to allow
updates of the database.
Built in and ready to use classes that don't require any coding are included. The classes may be chained. See each Javadoc for more details:
CsvRulesManager: manager that apply rules written in a CSV file.CsvRulesManagerNoReload: same asCsvRulesManager, but dynamic reload of rules is prohibited if the CSV file is updated.DenyDatabaseWriteManager: manager that denies any update of the database.DenyDclManager: manager that denies any DCL (Data Control Language) call.DenyDdlManager: manager that denies any DDL (Data Definition Language) call.DenyExceptOnWhitelistManager: manager that allows only statements that are listed in a whitelist text file.DenyMetadataQueryManager: manager that denies the use of the AceQL Metadata Query API.DenyOnBlacklistManager: manager that denies statements that are listed in a blacklist text file.DenySqlInjectionManager: manager that allows detecting SQL injection attacks, using Cloudmersive third-party API.DenySqlInjectionManagerAsync: version ofDenySqlInjectionManagerthat detects SQL injections asynchronously for faster response time.DenyStatementClassManager: manager that denies any call of the raw Statement Java class. (Calling Statements without parameters is forbidden).
TCL (Transaction Control Language) calls are always authorized.
Note that the helper class StatementAnalyzer allows to do some simple
tests on the SQL statement string representation.
- Since:
- 4.1
- Author:
- Nicolas de Pomereu
-
Method Summary
Modifier and Type Method Description booleanallowMetadataQuery(String username, String database, Connection connection)Says if the username is allowed call the Metadata Query API for the passed database.booleanallowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection)Allows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
If the analysis defined by the method returns false, the SQL statement won't be executed.booleanallowStatementClass(String username, String database, Connection connection)Allows to define if the passed username is allowed to create and use aStatementinstance that is not aPreparedStatement.
-
Method Details
-
allowSqlRunAfterAnalysis
boolean allowSqlRunAfterAnalysis(SqlEvent sqlEvent, Connection connection) throws IOException, SQLExceptionAllows to analyze the SQL call event asked by the client side and thus allow or forbid the SQL execution on the server.
If the analysis defined by the method returns false, the SQL statement won't be executed.- Parameters:
sqlEvent- the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details)connection- The current SQL/JDBCConnection- Returns:
trueif the analyzed statement or prepared statement is validated and authorized to run, elsefalse- Throws:
IOException- if an IOException occursSQLException- if a SQLException occurs
-
allowStatementClass
boolean allowStatementClass(String username, String database, Connection connection) throws IOException, SQLExceptionAllows to define if the passed username is allowed to create and use aStatementinstance that is not aPreparedStatement.- Parameters:
username- the client username to check the rule fordatabase- the database name as defined in the JDBC URL fieldconnection- The current SQL/JDBCConnection- Returns:
trueif the user has the right to call a rawexecute- Throws:
IOException- if an IOException occursSQLException- if a SQLException occurs
-
allowMetadataQuery
boolean allowMetadataQuery(String username, String database, Connection connection) throws IOException, SQLExceptionSays if the username is allowed call the Metadata Query API for the passed database.- Parameters:
username- the client username to check the rule fordatabase- the database name as defined in the JDBC URL fieldconnection- The current SQL/JDBCConnection- Returns:
trueif the user has the right to call the Metadata Query API, elsefalse- Throws:
IOException- if an IOException occursSQLException- if a SQLException occurs
-