com.eviware.soapui.security.scan
Class SQLInjectionScan

java.lang.Object
  com.eviware.soapui.model.support.AbstractModelItem
      com.eviware.soapui.model.support.AbstractAnimatableModelItem<com.eviware.soapui.config.ModelItemConfig>
          com.eviware.soapui.impl.wsdl.AbstractWsdlModelItem<com.eviware.soapui.config.SecurityScanConfig>
              com.eviware.soapui.security.scan.AbstractSecurityScan
                  com.eviware.soapui.security.scan.AbstractSecurityScanWithProperties
                      com.eviware.soapui.security.scan.SQLInjectionScan

All Implemented Interfaces:

ModelItem, SecurityScan, XPathReferenceContainer, Assertable, ResponseAssertion, PropertyChangeNotifier

public class SQLInjectionScan
extends AbstractSecurityScanWithProperties

This will test whether a targeted web page is vulnerable to reflected XSS attacks

Author:

soapui team

Nested Class Summary

protected static interface

SQLInjectionScan.AdvancedSettings

Nested classes/interfaces inherited from interface com.eviware.soapui.model.testsuite.Assertable

Assertable.AssertionStatus

Field Summary

static java.lang.String	NAME
static java.lang.String	TYPE

Fields inherited from class com.eviware.soapui.security.scan.AbstractSecurityScanWithProperties

SECURITY_CHANGED_PARAMETERS

Fields inherited from class com.eviware.soapui.security.scan.AbstractSecurityScan

assertionsSupport

Fields inherited from interface com.eviware.soapui.model.security.SecurityScan

SECURITY_CHECK_RESPONSE_RESULT, SECURITY_SCAN_REQUEST_RESULT, STATUS_PROPERTY

Fields inherited from interface com.eviware.soapui.model.ModelItem

DESCRIPTION_PROPERTY, ICON_PROPERTY, LABEL_PROPERTY, NAME_PROPERTY

Constructor Summary

SQLInjectionScan(TestStep testStep, com.eviware.soapui.config.SecurityScanConfig config, ModelItem parent, java.lang.String icon)

Method Summary

protected void	clear()
protected void	execute(SecurityTestRunner securityTestRunner, TestStep testStep, SecurityTestRunContext context) should be implemented in every particular scan it executes one request, modified by securityScan if necessary and internally adds messages for logging to SecurityScanRequestResult
javax.swing.JComponent	getAdvancedSettingsPanel() Overide if SecurityScan needs advanced settings
javax.swing.JComponent	getComponent() Overide if SecurityScan have Optional component
java.lang.String	getConfigDescription()
java.lang.String	getConfigName()
java.lang.String	getHelpURL()
java.lang.String	getType() The type of this check
protected boolean	hasNext(TestStep testStep, SecurityTestRunContext context) checks if specific SecurityScan still has modifications left
void	release()
void	updateSecurityConfig(com.eviware.soapui.config.SecurityScanConfig config)

Methods inherited from class com.eviware.soapui.security.scan.AbstractSecurityScanWithProperties

copyConfig, createMessageExchange, getParameterAt, getParameterByLabel, getParameterHolder, getXPathReferences, importParameter, setParameterHolder

Methods inherited from class com.eviware.soapui.security.scan.AbstractSecurityScan

addAssertion, addAssertionsListener, addPropertyChangeListener, addWsdlAssertion, assertResponse, cloneAssertion, getAssertableContent, getAssertableType, getAssertionAt, getAssertionByName, getAssertionCount, getAssertionList, getAssertions, getAssertionsSupport, getAssertionStatus, getDefaultAssertableContent, getExecutionStrategy, getInterface, getModelItem, getOriginalResult, getRequest, getSecurityScanRequestResult, getSecurityScanResult, getSecurityStatus, getTestStep, initAssertions, isApplyForFailedStep, isConfigurable, isDisabled, isRunOnlyOnce, isSecurable, isSkipFurtherRunning, moveAssertion, removeAssertion, removeAssertionsListener, removePropertyChangeListener, reportSecurityScanException, run, setApplyForFailedTestStep, setDisabled, setExecutionStrategy, setRunOnlyOnce, setSecurityScanRequestResult, setSkipFurtherRunning, setTestStep

Methods inherited from class com.eviware.soapui.impl.wsdl.AbstractWsdlModelItem

addExternalDependencies, afterLoad, beforeSave, dependsOn, getConfig, getDescription, getExternalDependencies, getIcon, getId, getName, getParent, getSettings, getWsdlModelItemByName, resolve, setConfig, setDescription, setIcon, setName, setSettings

Methods inherited from class com.eviware.soapui.model.support.AbstractModelItem

addPropertyChangeListener, fireIndexedPropertyChange, fireIndexedPropertyChange, fireIndexedPropertyChange, getChildren, notifyPropertyChanged, notifyPropertyChanged, notifyPropertyChanged, notifyPropertyChanged, removePropertyChangeListener

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.eviware.soapui.model.security.SecurityScan

getConfig

Methods inherited from interface com.eviware.soapui.model.ModelItem

getChildren, getDescription, getIcon, getId, getName, getParent, getSettings

Methods inherited from interface com.eviware.soapui.support.PropertyChangeNotifier

addPropertyChangeListener, removePropertyChangeListener

Field Detail

TYPE

public static final java.lang.String TYPE

See Also:

Constant Field Values

NAME

public static final java.lang.String NAME

See Also:

Constant Field Values

Constructor Detail

SQLInjectionScan

public SQLInjectionScan(TestStep testStep,
                        com.eviware.soapui.config.SecurityScanConfig config,
                        ModelItem parent,
                        java.lang.String icon)

Method Detail

updateSecurityConfig

public void updateSecurityConfig(com.eviware.soapui.config.SecurityScanConfig config)

Specified by:

updateSecurityConfig in interface SecurityScan

Overrides:

updateSecurityConfig in class AbstractSecurityScanWithProperties

getComponent

public javax.swing.JComponent getComponent()

Description copied from class: AbstractSecurityScan

Overide if SecurityScan have Optional component

Specified by:

getComponent in interface SecurityScan

Overrides:

getComponent in class AbstractSecurityScan

Returns:

getType

public java.lang.String getType()

Description copied from interface: SecurityScan

The type of this check

Specified by:

getType in interface SecurityScan

Specified by:

getType in class AbstractSecurityScan

Returns:

execute

protected void execute(SecurityTestRunner securityTestRunner,
                       TestStep testStep,
                       SecurityTestRunContext context)

Description copied from class: AbstractSecurityScan

should be implemented in every particular scan it executes one request, modified by securityScan if necessary and internally adds messages for logging to SecurityScanRequestResult

Specified by:

execute in class AbstractSecurityScan

hasNext

protected boolean hasNext(TestStep testStep,
                          SecurityTestRunContext context)

Description copied from class: AbstractSecurityScan

checks if specific SecurityScan still has modifications left

Specified by:

hasNext in class AbstractSecurityScan

getConfigDescription

public java.lang.String getConfigDescription()

Specified by:

getConfigDescription in interface SecurityScan

Specified by:

getConfigDescription in class AbstractSecurityScan

getConfigName

public java.lang.String getConfigName()

Specified by:

getConfigName in interface SecurityScan

Specified by:

getConfigName in class AbstractSecurityScan

getHelpURL

public java.lang.String getHelpURL()

Specified by:

getHelpURL in interface SecurityScan

Specified by:

getHelpURL in class AbstractSecurityScan

getAdvancedSettingsPanel

public javax.swing.JComponent getAdvancedSettingsPanel()

Description copied from class: AbstractSecurityScan

Overide if SecurityScan needs advanced settings

Specified by:

getAdvancedSettingsPanel in interface SecurityScan

Overrides:

getAdvancedSettingsPanel in class AbstractSecurityScan

Returns:

release

public void release()

Specified by:

release in interface SecurityScan

Overrides:

release in class AbstractSecurityScanWithProperties

clear

protected void clear()

Overrides:

clear in class AbstractSecurityScan