Class BanUserSqlFirewallTrigger

All Implemented Interfaces:

public class BanUserSqlFirewallTrigger
extends Object
implements SqlFirewallTrigger
A trigger that will insert into the following table the info detected by the SqlFirewallManager which fired the trigger:
    create table aceql_banned_user
      username                  varchar(254)    not null,    
      ip_address                varchar(254)    not null, 
      sql_database              varchar(254)    not null,       
      sql_firewall_manager      varchar(254)    not null,
      sql_statement             varchar(4000)           ,
      is_metadata               integer                 , 
      dt_creation               timestamp       not null                
    create index idx_address_username on aceql_banned_user(username);
Users inserted in the SQL table will not be allowed - by the AceQL Server - to further access to the SQL database after the ban action.
Any new access attempt of a banned user will be blocked by returning the ambiguous error message "Access Forbidden for Username".

Activation of this trigger requires to define the BanUserSqlFirewallTrigger as a value in the database.sqlFirewallTriggerClassNames property of the file.

my_database.sqlFirewallTriggerClassNames=com.mycompany.MySqlFirewallTrigger1, com.mycomapny.MySqlFirewallTrigger2

Nicolas de Pomereu
  • Constructor Details

    • BanUserSqlFirewallTrigger

      public BanUserSqlFirewallTrigger()
  • Method Details

    • runIfStatementRefused

      public void runIfStatementRefused​(SqlEvent sqlEvent, SqlFirewallManager sqlFirewallManager, Connection connection) throws IOException, SQLException
      Inserts the SqlEvent info into the aceql_banned_user SQL table.
      Specified by:
      runIfStatementRefused in interface SqlFirewallTrigger
      sqlEvent - the SQL event asked by the client side. Contains all info about the SQL call (client username, database name, IP Address of the client, and SQL statement details).
      sqlFirewallManager - the instance that triggers this call.
      connection - The current SQL/JDBC Connection
      IOException - if an IOException occurs
      SQLException - if a SQLException occurs