Enabling security enhancement in JDBC datastore queries - PingFederate

Page created: 5 Jul 2022 |

Page updated: 5 Jul 2022

| 1 min read

Guide Administrator Guide Content Type Product documentation 11.2 Capability Single Sign-on (SSO) Deployment Method Software Audience Administrator System Administrator Product PingFederate

Edit the org.sourceid.common.SqlFilterManager.xml file for stronger security protection in a JDBC datastore.

Note:

If you are upgrading from PingFederate 8.4.4 or earlier, modify the <pf_install>/pingfederate/server/default/data/config-store/org.sourceid.common.SqlFilterManager.xml file to enable the safeguard for JDBC datastore queries against backend SQL injection attacks.

Edit the org.sourceid.common.SqlFilterManager.xml file.

Set the <item name="enableSqlFilters"/> element value to true.

In the following example, the true value has been bolded for visibility.

<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="http://www.sourceid.org/2004/05/config">
    <item name="enableSqlFilters">true</item>
</config>

Save the file.
Restart PingFederate.

If you have a clustered PingFederate environment:
1. Perform steps 1 to 3 on the console node.
2. Sign on to the PingFederate administrative console.
3. Go to System > Server > Cluster Management.
4. Click Replicate Configuration to push this change to all engine nodes.
Verify your use cases to make sure your search filters return the expected results.

Enabling security enhancement in JDBC datastore queries - PingFederate - 11.2

PingFederate Server