Awake SQL v1.2.1

org.awakefw.sql.api.server
Class DefaultAwakeSqlConfigurator

java.lang.Object
  extended by org.awakefw.sql.api.server.DefaultAwakeSqlConfigurator
All Implemented Interfaces:
AwakeSqlConfigurator

public class DefaultAwakeSqlConfigurator
extends Object
implements AwakeSqlConfigurator

Default implementation of server side configuration for the Awake SQL Framework.

WARNING: This default implementation will allow to start immediate remote JDBC calls but is *not* secured.

It is highly recommended to override this class with your own secured implementation.

Since:
1.0

Constructor Summary
DefaultAwakeSqlConfigurator()
          Constructor.
 
Method Summary
 boolean allowExecute(String username, Connection connection)
          Allows to define if the passed username is allowed to call a Statement.execute(String) or PreparedStatement.execute()
 boolean allowExecuteUpdate(String username, Connection connection)
          Allows to define if the passed username is allowed to call a Statement.executeUpdate(String) or PreparedStatement.executeUpdate()
 boolean allowGetMetaData(String username, Connection connection)
          Allows to define if the passed username is allowed to query the database catalog through Connection.getMetaData().
 boolean allowResultSetGetMetaData(String username, Connection connection)
          Allows to define if the passed username is allowed to query the ResultSet properties through ResultSet.getMetaData() .
 boolean allowStatementAfterAnalysis(String username, Connection connection, String sql, List<Object> parameterValues)
          Allows, for the passed client username, to analyze the string representation of the SQL statement that is received on the server.
 boolean allowStatementClass(String username, Connection connection)
          Allows to define if the passed username is allowed to create and use a Statement instance that is not a PreparedStatement
 void runIfStatementRefused(String username, Connection connection, String ipAddress, String sql, List<Object> parameterValues)
          The event will be logged as Level.WARNING in the user.home/.awake/logs/Awake.log file
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultAwakeSqlConfigurator

public DefaultAwakeSqlConfigurator()
Constructor.

Method Detail

allowExecute

public boolean allowExecute(String username,
                            Connection connection)
                     throws IOException,
                            SQLException
Description copied from interface: AwakeSqlConfigurator
Allows to define if the passed username is allowed to call a Statement.execute(String) or PreparedStatement.execute()

Specified by:
allowExecute in interface AwakeSqlConfigurator
Parameters:
username - the client username to check the rule for.
connection - The current SQL/JDBC Connection
Returns:
true. (Client programs will be allowed to call Statement.execute and PreparedStatement.execute).
Throws:
IOException - if an IOException occurs
SQLException - if a SQLException occurs

allowExecuteUpdate

public boolean allowExecuteUpdate(String username,
                                  Connection connection)
                           throws IOException,
                                  SQLException
Description copied from interface: AwakeSqlConfigurator
Allows to define if the passed username is allowed to call a Statement.executeUpdate(String) or PreparedStatement.executeUpdate()

Specified by:
allowExecuteUpdate in interface AwakeSqlConfigurator
Parameters:
username - the client username to check the rule for.
connection - The current SQL/JDBC Connection
Returns:
true. (Client programs will be allowed to call Statement.executeUpdate and PreparedStatement.executeUpdate).
Throws:
IOException - if an IOException occurs
SQLException - if a SQLException occurs

allowGetMetaData

public boolean allowGetMetaData(String username,
                                Connection connection)
                         throws IOException,
                                SQLException
Description copied from interface: AwakeSqlConfigurator
Allows to define if the passed username is allowed to query the database catalog through Connection.getMetaData().

Specified by:
allowGetMetaData in interface AwakeSqlConfigurator
Parameters:
username - the client username to check the rule for.
connection - The current SQL/JDBC Connection
Returns:
true. (Client programs will be allowed to use Connection.getMetaData()).
Throws:
IOException - if an IOException occurs
SQLException - if a SQLException occurs

allowResultSetGetMetaData

public boolean allowResultSetGetMetaData(String username,
                                         Connection connection)
                                  throws IOException,
                                         SQLException
Description copied from interface: AwakeSqlConfigurator
Allows to define if the passed username is allowed to query the ResultSet properties through ResultSet.getMetaData() .

Specified by:
allowResultSetGetMetaData in interface AwakeSqlConfigurator
Parameters:
username - the client username to check the rule for.
connection - The current SQL/JDBC Connection
Returns:
true. (Client programs will be allowed to use ResulSet.getMetaData()).
Throws:
IOException - if an IOException occurs
SQLException - if a SQLException occurs

allowStatementAfterAnalysis

public boolean allowStatementAfterAnalysis(String username,
                                           Connection connection,
                                           String sql,
                                           List<Object> parameterValues)
                                    throws IOException,
                                           SQLException
Description copied from interface: AwakeSqlConfigurator
Allows, for the passed client username, to analyze the string representation of the SQL statement that is received on the server.
If the analysis defined by the method returns false, the SQL statement won't be executed.

Specified by:
allowStatementAfterAnalysis in interface AwakeSqlConfigurator
Parameters:
username - the client username to check the rule for.
connection - The current SQL/JDBC Connection
sql - the SQL statement
parameterValues - the parameter values of a prepared statement in the natural order, empty list for a (non prepared) statement
Returns:
true if all following requirements are met:
  • SQL statement does not contain SQL comments.
  • SQL statement does not contain ';' separator character.
  • SQL statement is a DML statement: DELETE / INSERT / SELECT / UPDATE.
Throws:
IOException - if an IOException occurs
SQLException - if a SQLException occurs

allowStatementClass

public boolean allowStatementClass(String username,
                                   Connection connection)
                            throws IOException,
                                   SQLException
Description copied from interface: AwakeSqlConfigurator
Allows to define if the passed username is allowed to create and use a Statement instance that is not a PreparedStatement

Specified by:
allowStatementClass in interface AwakeSqlConfigurator
Parameters:
username - the client username to check the rule for.
connection - The current SQL/JDBC Connection
Returns:
true. (Client programs will be allowed to create raw Statement.)
Throws:
IOException - if an IOException occurs
SQLException - if a SQLException occurs

runIfStatementRefused

public void runIfStatementRefused(String username,
                                  Connection connection,
                                  String ipAddress,
                                  String sql,
                                  List<Object> parameterValues)
                           throws IOException,
                                  SQLException
The event will be logged as Level.WARNING in the user.home/.awake/logs/Awake.log file

Specified by:
runIfStatementRefused in interface AwakeSqlConfigurator
Parameters:
username - the discarded client username
connection - The current SQL/JDBC Connection
ipAddress - the IP address of the client user
sql - the SQL statement
parameterValues - the parameter values of a prepared statement in the natural order, empty list for a (non prepared) statement
Throws:
IOException - if an IOException occurs
SQLException - if a SQLException occurs

Awake SQL v1.2.1

Awake SQL - Virtual JDBC Driver over HTTP for Android, Swing and JavaFX
Android & Desktop Edition allow easy access to majors remote SQL databases with regular JDBC calls:
DB2 - H2 - HSQLDB (HyperSQL) - Informix - Ingres - MySQL - Oracle - PostgreSQL - SQL Server - Sybase - Teradata
Copyright © 2012 Kawan Softwares SAS