com.eviware.soapui.security.scan

Class SQLInjectionScan

java.lang.Object

com.eviware.soapui.model.support.AbstractModelItem

com.eviware.soapui.model.support.AbstractAnimatableModelItem<ModelItemConfig>

com.eviware.soapui.impl.wsdl.AbstractWsdlModelItem<SecurityScanConfig>

com.eviware.soapui.security.scan.AbstractSecurityScan

com.eviware.soapui.security.scan.AbstractSecurityScanWithProperties

com.eviware.soapui.security.scan.SQLInjectionScan

All Implemented Interfaces:

ModelItem, SecurityScan, XPathReferenceContainer, Assertable, ResponseAssertion, PropertyChangeNotifier

public class SQLInjectionScan
extends AbstractSecurityScanWithProperties

This will test whether a targeted web page is vulnerable to reflected XSS attacks

Author:

soapui team

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
protected static interface	SQLInjectionScan.AdvancedSettings

Nested classes/interfaces inherited from interface com.eviware.soapui.model.testsuite.Assertable

Assertable.AssertionStatus

Field Summary

Fields

Modifier and Type	Field and Description
static String	NAME
static String	TYPE

Fields inherited from class com.eviware.soapui.security.scan.AbstractSecurityScanWithProperties

SECURITY_CHANGED_PARAMETERS

Fields inherited from class com.eviware.soapui.security.scan.AbstractSecurityScan

assertionsSupport

Fields inherited from interface com.eviware.soapui.model.security.SecurityScan

SECURITY_CHECK_RESPONSE_RESULT, SECURITY_SCAN_REQUEST_RESULT, STATUS_PROPERTY

Fields inherited from interface com.eviware.soapui.model.ModelItem

DESCRIPTION_PROPERTY, ICON_PROPERTY, LABEL_PROPERTY, NAME_PROPERTY

Constructor Summary

Constructors

Constructor and Description
SQLInjectionScan(TestStep testStep, SecurityScanConfig config, ModelItem parent, String icon)

Method Summary

Methods

Modifier and Type	Method and Description
protected void	clear()
protected void	execute(SecurityTestRunner securityTestRunner, TestStep testStep, SecurityTestRunContext context) should be implemented in every particular scan it executes one request, modified by securityScan if necessary and internally adds messages for logging to SecurityScanRequestResult
JComponent	getAdvancedSettingsPanel() Overide if SecurityScan needs advanced settings
JComponent	getComponent() Overide if SecurityScan have Optional component
String	getConfigDescription()
String	getConfigName()
String	getHelpURL()
String	getType() The type of this check
protected boolean	hasNext(TestStep testStep, SecurityTestRunContext context) checks if specific SecurityScan still has modifications left
void	release()
void	updateSecurityConfig(SecurityScanConfig config)

Methods inherited from class com.eviware.soapui.security.scan.AbstractSecurityScanWithProperties

copyConfig, createMessageExchange, getParameterAt, getParameterByLabel, getParameterHolder, getXPathReferences, importParameter, setParameterHolder

Methods inherited from class com.eviware.soapui.security.scan.AbstractSecurityScan

addAssertion, addAssertionsListener, addPropertyChangeListener, addWsdlAssertion, assertResponse, cloneAssertion, getAssertableContent, getAssertableType, getAssertionAt, getAssertionByName, getAssertionCount, getAssertionList, getAssertions, getAssertionsSupport, getAssertionStatus, getDefaultAssertableContent, getExecutionStrategy, getInterface, getModelItem, getOriginalResult, getRequest, getSecurityScanRequestResult, getSecurityScanResult, getSecurityStatus, getTestStep, initAssertions, isApplyForFailedStep, isConfigurable, isDisabled, isRunOnlyOnce, isSecurable, isSkipFurtherRunning, moveAssertion, removeAssertion, removeAssertionsListener, removePropertyChangeListener, reportSecurityScanException, run, setApplyForFailedTestStep, setDisabled, setExecutionStrategy, setRunOnlyOnce, setSecurityScanRequestResult, setSkipFurtherRunning, setTestStep

Methods inherited from class com.eviware.soapui.impl.wsdl.AbstractWsdlModelItem

addExternalDependencies, afterLoad, beforeSave, dependsOn, getConfig, getDescription, getExternalDependencies, getIcon, getId, getName, getParent, getSettings, getWsdlModelItemByName, resolve, setConfig, setDescription, setIcon, setName, setSettings

Methods inherited from class com.eviware.soapui.model.support.AbstractModelItem

addPropertyChangeListener, fireIndexedPropertyChange, fireIndexedPropertyChange, fireIndexedPropertyChange, getChildren, notifyPropertyChanged, notifyPropertyChanged, notifyPropertyChanged, notifyPropertyChanged, removePropertyChangeListener

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.eviware.soapui.model.security.SecurityScan

getConfig

Methods inherited from interface com.eviware.soapui.model.ModelItem

getChildren, getDescription, getIcon, getId, getName, getParent, getSettings

Methods inherited from interface com.eviware.soapui.support.PropertyChangeNotifier

addPropertyChangeListener, removePropertyChangeListener

Field Detail

TYPE

public static final String TYPE

See Also:

Constant Field Values

NAME

public static final String NAME

See Also:

Constant Field Values

Constructor Detail

SQLInjectionScan

public SQLInjectionScan(TestStep testStep,
                SecurityScanConfig config,
                ModelItem parent,
                String icon)

Method Detail

updateSecurityConfig

public void updateSecurityConfig(SecurityScanConfig config)

Specified by:

updateSecurityConfig in interface SecurityScan

Overrides:

updateSecurityConfig in class AbstractSecurityScanWithProperties

getComponent

public JComponent getComponent()

Description copied from class: AbstractSecurityScan

Overide if SecurityScan have Optional component

Specified by:

getComponent in interface SecurityScan

Overrides:

getComponent in class AbstractSecurityScan

Returns:

getType

public String getType()

Description copied from interface: SecurityScan

The type of this check

Specified by:

getType in interface SecurityScan

Specified by:

getType in class AbstractSecurityScan

Returns:

execute

protected void execute(SecurityTestRunner securityTestRunner,
           TestStep testStep,
           SecurityTestRunContext context)

Description copied from class: AbstractSecurityScan

should be implemented in every particular scan it executes one request, modified by securityScan if necessary and internally adds messages for logging to SecurityScanRequestResult

Specified by:

execute in class AbstractSecurityScan

hasNext

protected boolean hasNext(TestStep testStep,
              SecurityTestRunContext context)

Description copied from class: AbstractSecurityScan

checks if specific SecurityScan still has modifications left

Specified by:

hasNext in class AbstractSecurityScan

getConfigDescription

public String getConfigDescription()

Specified by:

getConfigDescription in interface SecurityScan

Specified by:

getConfigDescription in class AbstractSecurityScan

getConfigName

public String getConfigName()

Specified by:

getConfigName in interface SecurityScan

Specified by:

getConfigName in class AbstractSecurityScan

getHelpURL

public String getHelpURL()

Specified by:

getHelpURL in interface SecurityScan

Specified by:

getHelpURL in class AbstractSecurityScan

getAdvancedSettingsPanel

public JComponent getAdvancedSettingsPanel()

Description copied from class: AbstractSecurityScan

Overide if SecurityScan needs advanced settings

Specified by:

getAdvancedSettingsPanel in interface SecurityScan

Overrides:

getAdvancedSettingsPanel in class AbstractSecurityScan

Returns:

release

public void release()

Specified by:

release in interface SecurityScan

Overrides:

release in class AbstractSecurityScanWithProperties

clear

protected void clear()

Overrides:

clear in class AbstractSecurityScan