AntiSQLFilter Logo
  english | portuguese
by SmartWare  
     HOW TO     

AntiSQLFilter is a J2EE Web Application Filter that protects internal componentes from SQL Injection attacks.

SQL Injection is a hacker technique that uses regular http/https requests (via URL or HTML forms) to address a security vunerability on SQL handler application components. Any http request parameter has the potential to carry special SQL statements to mislead the underlying database and expose the web application.

J2EE filters are the easiest way to intercept http request - they can be configured to intercept all or the most critical requests to a J2EE web application.

AntiSQLFilter is a filter that evaluates all request parameters and identifies possible SQL Injection attempts. The filter behavior can be configured to react to an SQL Injection attack: log registration, exception raising, request redirection or parameter re-writing.

It is open source (LGPL), written in Java and applies to any J2EE web application based on Servlet API 2.3 or higher and Java Virtual Machines 1.4 or higher.