February 24, 2021
Hot Topics:

Implementing an Anti-Virus File Scan in JEE Applications

  • By Vlad Kofman
  • Send Email »
  • More Articles »

Using the SSE Scanning Java APIs

In any class where scan is required, call the scanning API provided in the AVClient object located in the av.jar. The AVClient object will establish connection to the Scan Engine server and has the following APIs:

Figure 2: The significant APIs for the communication with to the Scan Engine Server.

If scanning a file on the file system, in SCAN only mode, use the call that accepts filename only.

If scanning a file on the file system, with SCANREPAIR or SCANREPAIRDELETE, use the call that accepts input and output file names.

If scanning an in-memory file (byte array), use the call accepting byte array.

For example:

import com.av.*;

Initialize setup parameters:

static String avMode =
   (System.getProperty("AV_SERVER_MODE") != null)
   ? (String) System.getProperty("AV_SERVER_MODE") : "NOSCAN";

static boolean scan = avMode.startsWith("SCAN");

static String avServer =
   (String) System.getProperty("AV_SERVER_HOST");

static int avPort =
   Integer.parseInt( (String) System.getProperty("AV_SERVER_PORT"));

Scan check example for an in-memory file byte array:

public void scanFile(byte[] fileBytes, String fileName)
   throws IOException, Exception {

   if (scan) {
      AVClient avc = new AVClient(avServer, avPort, avMode);
      if (avc.scanfile(fileName, fileBytes) == -1) {
         throw new VirusException("WARNING: A virus was detected in
            your attachment: " + fileName + "<br>Please scan
            your system with the latest antivirus software with
            updated virus definitions and try again.");

Note that if you are using this code inside of the MVC handler, you can throw a custom VirusException and check for it in the calling method and perform any necessary cleanup. I have included the class in the AV Jar as well.

For example:

catch (Exception ex) {
   if (ex instanceof VirusException) {
      // do something here
   else {
      // there was some other error – handle it

For more details on the Scan Engine Client API, please see Symantec Scan Engine Software Developers Guide.

SSE Response Codes and Notification Options

Your Java code should have hooks to auto generate alerts or emails to the system support people in the event of failures to connect to the SSE, invalid, or has expired SSE license, and other events. To generate such alerts, when incorporating the AV client code in your application, you may need to use javamail or another email package to enable this functionality. Please look at the connect (String host) API in the AVClient object and the helper class AVRespond method request(String server_response).

Here is the list of all available codes.

  • private String one = "ICAP/1.0 100";
  • private String two = "ICAP/1.0 200";
  • private String three = "ICAP/1.0 201";
  • private String four = "ICAP/1.0 204";
  • private String five = "ICAP/1.0 400";
  • private String six = "ICAP/1.0 403";
  • private String seven = "ICAP/1.0 404";
  • private String eight = "ICAP/1.0 405";
  • private String nine = "ICAP/1.0 408";
  • private String ten = "ICAP/1.0 500";
  • private String eleven = "ICAP/1.0 503";
  • private String twelve = "ICAP/1.0 505";
  • private String thirteen = "ICAP/1.0 533";
  • private String fourteen = "ICAP/1.0 539";
  • private String fifteen = "ICAP/1.0 551";
  • private String sixteen = "ICAP/1.0 558";

Page 2 of 3

This article was originally published on November 15, 2007

Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Thanks for your registration, follow us on our social networks to keep up-to-date