Signed-off-by: Emmanuel Jannetti <emmanuel.jannetti@oracle.com>

 Oracle JDBC SQL statement interceptor intergration. Added missing sources

java/jdbc/statement-interceptor/demo-app/.gitignore

@@ -0,0 +1,37 @@
+HELP.md
+.gradle
+build/
+!gradle/wrapper/gradle-wrapper.jar
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+bin/
+!**/src/main/**/bin/
+!**/src/test/**/bin/
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+out/
+!**/src/main/**/out/
+!**/src/test/**/out/
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+
+### VS Code ###
+.vscode/

java/jdbc/statement-interceptor/demo-app/README.md

@@ -0,0 +1,96 @@
+# JDBC interceptor demo application
+
+How to transparently secure database exchanges by filtering out bad or insecure SQL statements
+issued by an application ?
+
+This simple web application fulfill that use case and demonstrates how JDBC trace event listener
+can be used to analyse and may be intercept SQL statements that are sent by an application
+to oracle database server. 
+
+=================================================================================================
+
+![Screenshot of a demo application](/assets/img/demoapp.png)
+
+=================================================================================================
+
+In this application we leverage the event listener (aka interceptor) delivered by project
+https://orahub.oci.oraclecorp.com/ora-jdbc-dev/jdbc-interceptor
+That is a simple standalone SpringBoot application that performs search
+on an employee table. This simple table contains 5 employees like
+
+```oracle-sql
+CREATE TABLE employees (
+ id CHAR(32) DEFAULT SYS_GUID() PRIMARY KEY,
+ full_name VARCHAR2(60),
+ visible NUMBER(1) DEFAULT 0
+ )
+```
+
+Employees with 'visible' attributes set to 0 must not be seen. This flag will be 
+used to demonstrate how SQL injection can lead to unexpected response.
+See section [Testing the interceptor]()
+
+The SQL statement sent to the server are intercept and analyse according the "security" rules.
+
+## The statement interceptor
+
+This application uses a customized UCP connection pool.
+> see _com.oracle.jdbc.samples.statementinterceptordemo.TracedDataSourceConfig_
+
+
+The pool configuration is taken from
+> src/main/resources/oracle-pooled-ds.properties
+
+Please change it accordingly.
+
+Each connection delivered by this pool will have the Statement
+interceptor trace event listener attached. 
+
+The interceptor rules are defined in 
+> src/main/resources/statementRules.json
+
+## build 
+
+We require the following dependency
+
+dependencies {
+ implementation 'com.oracle.database.jdbc:JDBCInterceptor:0.1-SNAPSHOT'
+}
+
+## Running the application
+
+Make sure properties are correctly set in oracle-pooled-ds.properties file 
+Once the application is started, open a web browser and go to
+http://localhost:8080/
+
+### Testing the interceptor
+This application host two datasources, one with an interceptor in place.
+There is a checkbox that allow you to switch from one datasource to another
+
+
+You can issue some search that will be intercepted by the listener
+
+#### SQL injection example
+An example is a search like 
+>_' or 'a'='a_. 
+
+When the interceptor is not enabled you will see that this search return all 
+employees including the ones that are not supposed to be visible 
+
+![SQL injection not intercepted](/assets/img/injection_1.png)
+
+When the interceptor is enabled you will see the security error thrown
+by the interceptor and that the request do not reach the server.
+
+![SQL injection not intercepted](/assets/img/injection_2.png)
+
+#### fixed token example
+
+By issuing "BabEmployee" as search criteria you will see how security log record can be intercepted.
+
+![token sample](/assets/img/token_1.png)
+
+### From intelliJ 
+_Run_ > _Run statement-interceptor-demo [bootRun]_ 
+### From command line
+#./gradlew bootRun

java/jdbc/statement-interceptor/demo-app/build.gradle

@@ -0,0 +1,71 @@
+plugins {
+ id 'java'
+ id 'org.springframework.boot' version '3.3.1'
+ id 'io.spring.dependency-management' version '1.1.5'
+ id 'com.oracle.database.jdbc.java-conventions' version '1.2-SNAPSHOT'
+ id 'maven-publish'
+}
+
+
+
+java {
+ toolchain {
+ languageVersion = JavaLanguageVersion.of(21)
+ }
+}
+
+configurations {
+ compileOnly {
+ extendsFrom annotationProcessor
+ }
+}
+configurations {
+ developmentOnly
+ runtimeClasspath {
+ extendsFrom developmentOnly
+ }
+}
+
+
+repositories {
+ maven { url 'https://repo.spring.io/snapshot' }
+}
+
+
+
+
+dependencies {
+ implementation 'org.springframework.boot:spring-boot-starter-web'
+ implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
+ implementation 'org.springframework.boot:spring-boot-starter-jdbc'
+
+ implementation("org.webjars:jquery:3.7.1")
+ implementation("org.webjars:bootstrap:5.3.3")
+ implementation("org.webjars.npm:htmx.org:2.0.0")
+
+ implementation("org.webjars:webjars-locator:0.52")
+
+ implementation 'com.oracle.database.jdbc:ojdbc11:23.4.0.24.05'
+ implementation 'com.oracle.database.jdbc:ucp11:23.4.0.24.05'
+
+ compileOnly 'org.projectlombok:lombok'
+
+ implementation 'com.google.code.gson:gson:2.11.0'
+
+ developmentOnly 'org.springframework.boot:spring-boot-devtools'
+
+ annotationProcessor 'org.springframework.boot:spring-boot-configuration-processor'
+ annotationProcessor 'org.projectlombok:lombok'
+ testImplementation 'org.springframework.boot:spring-boot-starter-test'
+ testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+
+ implementation 'com.oracle.database.jdbc:JDBCInterceptor:0.2-SNAPSHOT'
+}
+
+tasks.named('test') {
+ useJUnitPlatform()
+}
+
+tasks.withType(JavaCompile).configureEach {
+ options.compilerArgs.remove("-Werror")
+}

java/jdbc/statement-interceptor/demo-app/gradle.properties

@@ -0,0 +1,2 @@
+group = com.oracle.jdbc.samples
+version = 0.0.1-SNAPSHOT

java/jdbc/statement-interceptor/demo-app/gradle/wrapper/gradle-wrapper.properties

@@ -0,0 +1,7 @@
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.8-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists