Enabling security enhancement in JDBC datastore queries - PingFederate - 11.3

Edit the org.sourceid.common.SqlFilterManager.xml file to enable SQL filters, which safeguard JDBC datastore queries against backend SQL injection attacks.

Note:

If you are upgrading from PingFederate 8.4.4 or earlier, modify the <pf_install>/pingfederate/server/default/data/config-store/org.sourceid.common.SqlFilterManager.xml file to enable the safeguard for JDBC datastore queries against backend SQL injection attacks.

  1. Edit the org.sourceid.common.SqlFilterManager.xml file.
  2. Set the <item name="enableSqlFilters"/> element value to true.
    <?xml version="1.0" encoding="UTF-8"?>
    <config xmlns="http://www.sourceid.org/2004/05/config">
        <item name="enableSqlFilters">true</item>
    </config>
  3. Save the file.
  4. Restart PingFederate.
  5. If you have a clustered PingFederate environment, push this change to all engine nodes:
    1. On the administrative console, go to System > Server > Cluster Management.
    2. Click Replicate.
  6. Verify your use cases to make sure your search filters return the expected results.
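
After the change is saved and replicated, each node's copy of the file can be checked for the setting. The following is an added example, not part of the PingFederate documentation or product: the function names are hypothetical, the sample content is constructed, and it assumes that only the literal value true shown above counts as enabled.

```python
import sys
import xml.etree.ElementTree as ET
from pathlib import Path

NS = "{http://www.sourceid.org/2004/05/config}"  # namespace used in the file shown above
ITEM_NAME = "enableSqlFilters"

def status_from_xml(text):
    """Classify SqlFilterManager.xml content: enabled, disabled, missing-item or malformed."""
    try:
        root = ET.fromstring(text)
    except ET.ParseError:
        return "malformed"
    if root.tag != NS + "config":
        return "malformed"  # wrong root element or missing namespace
    values = [(item.text or "").strip()
              for item in root.findall(NS + "item")
              if item.get("name") == ITEM_NAME]
    if not values:
        return "missing-item"
    # Assumption: only the literal "true" from the documentation counts as enabled;
    # any other value, or a conflicting duplicate item, is reported as disabled.
    return "enabled" if all(v == "true" for v in values) else "disabled"

def status_from_file(path):
    """Same classification for a file on disk, plus missing-file."""
    p = Path(path)
    if not p.is_file():
        return "missing-file"
    return status_from_xml(p.read_bytes())

# Constructed sample: a file in which the safeguard is still switched off.
SAMPLE_DISABLED = """<?xml version="1.0" encoding="UTF-8"?>
<config xmlns="http://www.sourceid.org/2004/05/config">
    <item name="enableSqlFilters">false</item>
</config>
"""

if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("constructed sample:", status_from_xml(SAMPLE_DISABLED))
        sys.exit(0)
    # One path per node copy of the file; exit non-zero if any copy is not enabled.
    results = {p: status_from_file(p) for p in sys.argv[1:]}
    for path, status in results.items():
        print(f"{status:13} {path}")
    sys.exit(0 if all(s == "enabled" for s in results.values()) else 1)
```

Pass it the path to org.sourceid.common.SqlFilterManager.xml on each node; a non-zero exit status means at least one copy does not have the setting enabled.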