Enabling security enhancement in JDBC datastore queries - PingFederate

Enabling security enhancement in JDBC datastore queries - PingFederate - 11.1

PingFederate Server

bundle

pingfederate-111

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 11.1

category

Administrator

Audience

Capability

DeploymentMethod

Product

SingleSignonSSO

Software

SystemAdministrator

pf-111

pingfederate

ContentType_ce

Edit the org.sourceid.common.SqlFilterManager.xml file for stronger security protection in a JDBC datastore.

Note:

If you are upgrading from PingFederate 8.4.4 or earlier, modify the <pf_install>/pingfederate/server/default/data/config-store/org.sourceid.common.SqlFilterManager.xml file to enable the safeguard for JDBC datastore queries against backend SQL injection attacks.

Edit the org.sourceid.common.SqlFilterManager.xml file.

Set the <item name="enableSqlFilters"/> element value to true.

<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="http://www.sourceid.org/2004/05/config">
    <item name="enableSqlFilters">true</item>
</config>

Save the file.
Restart PingFederate.
If you have a clustered PingFederate environment, push this change to all engine nodes:
1. On the administrative console, go to System > Server > Cluster Management.
2. Click Replicate.
Verify your use cases to make sure your search filters return the expected results.