SQL Server examples

Reject a login

Create a JavaScript request filter for packets of type Login7 with the following code:

if (context.packet.username === 'jdoe') {
context.result.success = false;
context.result.errorMessage = "No login for jdoe!";
context.result.errorCode = 999;
}

If user jdoe then tries to log in, the login will be rejected with something like:

No login for jdoe! ClientConnectionId:282a9d83-9c6c-31c2-a036-ecb6f170c07f

Details:

   Type: com.microsoft.sqlserver.jdbc.SQLServerException

   Error Code: 999

   SQL State: S0000


You can accept or reject logins on any number of factors: the user name, the client's IP address, the version of the client, the time of day, etc... See the documentation on the Login7 packet for more details.

Note that this only works for SQL Server authentication, since Windows authentication does not reveal the user name until after login. To get around that, you can simply define a request filter that closes the connection if the user is undesirable.