Hi,
(re-edited after more testing)
In v8.1 we're querying the REST API server as shown:
POST /AppServer/api/entities/Person?limit=15&displaycolumns=CCC_NIF;CentralAccount
In this particular case, the "Fullpath LIKE" query can be rewritten using the BaseTreeCollection table. Try this:
UID_AErole in (select UID_Org
from basetreecollection
where uid_parentorg in …
We have a similar problem while migrating the web portal from 7.1.3 to 8.1.1.
We get db journal errors and lockouts:
SQL injection by brute force attack detected in WHERE clause: ...
...
User session of ... was locked.
The cause is a visibility condition on a menu entry, which probably gets executed every 20 seconds because of polling, and looks like this:
Exists("PersonInAERole",
SqlAnd(SqlCompareUid("UID_Person", getuser()),
"UID_AERole in (select aer.UID_AERole
from AErole aer
where aer.FullPath like 'Request & Fulfillment\IT Shop\ParentRoleA%'
or aer.FullPath like 'Request & Fulfillment\IT Shop\ParentRoleB%' )"))
Is this a general problem with using LIKE operators in where clauses?
How can we prevent the detection of brute force/code injection, which is clearly not the case here?
Hello,
Is this a general problem with using LIKE operators in where clauses?
Yes.
Please see the following related to this as well: https://support.oneidentity.com/identity-manager/kb/288731/false-positive-of-sql-injection-attack-detection.
But in general, it's a good idea to revise queries so fewer 'LIKE' operators are used.
Trevor
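
An added illustration, not code from this thread or from One Identity: the "FullPath LIKE" subquery next to a BaseTreeCollection-style lookup of the kind suggested above, run with Python's sqlite3 on a constructed, simplified schema. It assumes BaseTreeCollection holds one row per (role, ancestor) pair including the role itself; the sample rows and function names are invented.

```python
import sqlite3

# Constructed sample data; column names follow the thread, rows are invented.
ROLES = [
    ("r1", r"Request & Fulfillment\IT Shop"),
    ("r2", r"Request & Fulfillment\IT Shop\ParentRoleA"),
    ("r3", r"Request & Fulfillment\IT Shop\ParentRoleA\Child1"),
    ("r4", r"Request & Fulfillment\IT Shop\ParentRoleAB"),  # look-alike sibling
    ("r5", r"Request & Fulfillment\IT Shop\ParentRoleB"),
]
# Assumption: one row per (role, ancestor) pair, self included.
CLOSURE = [
    ("r1", "r1"), ("r2", "r2"), ("r2", "r1"),
    ("r3", "r3"), ("r3", "r2"), ("r3", "r1"),
    ("r4", "r4"), ("r4", "r1"), ("r5", "r5"), ("r5", "r1"),
]
MEMBERSHIP = [("alice", "r3"), ("bob", "r4"), ("carol", "r1")]

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE AERole (UID_AERole TEXT PRIMARY KEY, FullPath TEXT);
        CREATE TABLE BaseTreeCollection (UID_Org TEXT, UID_ParentOrg TEXT);
        CREATE TABLE PersonInAERole (UID_Person TEXT, UID_AERole TEXT);
    """)
    db.executemany("INSERT INTO AERole VALUES (?, ?)", ROLES)
    db.executemany("INSERT INTO BaseTreeCollection VALUES (?, ?)", CLOSURE)
    db.executemany("INSERT INTO PersonInAERole VALUES (?, ?)", MEMBERSHIP)
    return db

def members_by_like(db, parent_path):
    # Prefix match on FullPath, as in the visibility condition above.
    rows = db.execute(
        "SELECT UID_Person FROM PersonInAERole WHERE UID_AERole IN "
        "(SELECT UID_AERole FROM AERole WHERE FullPath LIKE ? || '%')",
        (parent_path,))
    return sorted(r[0] for r in rows)

def members_by_closure(db, parent_path):
    # Same intent without LIKE: resolve the parent once by exact path,
    # then read its subtree from the closure table.
    rows = db.execute(
        "SELECT UID_Person FROM PersonInAERole WHERE UID_AERole IN "
        "(SELECT UID_Org FROM BaseTreeCollection WHERE UID_ParentOrg IN "
        "(SELECT UID_AERole FROM AERole WHERE FullPath = ?))",
        (parent_path,))
    return sorted(r[0] for r in rows)
```

On this data the prefix match also returns the member of the look-alike sibling ParentRoleAB, while the closure lookup returns only members of the ParentRoleA subtree, so the two forms are not always interchangeable and the result set should be compared before swapping one for the other.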