Apache Sling Clam

Clone this repo:
  1. 543c499 SLING-9239 Update Pax Exam to 4.13.3 by Oliver Lietz · 10 weeks ago master
  2. 26f5bbc SLING-9238 Update to Sling Bundle Parent 38 by Oliver Lietz · 10 weeks ago
  3. 5c5f8c4 SLING-9100 Update Pax Exam to 4.13.2 by Oliver Lietz · 3 months ago
  4. 8020d5a increase timeout on content to 120000 ms by Oliver Lietz · 9 months ago
  5. 35d78ce increase timeout on content to 60000 ms by Oliver Lietz · 9 months ago

Build Status Test Status Maven Central JavaDocs License

Apache Sling Clam

This module is part of the Apache Sling project.

This module provides support for Clam in Sling.

Finding data to scan for malware

NodeDescendingJcrPropertyDigger starts descending from a given root path, digs properties based on type, path and length and creates scan jobs.

NodeObservingJcrPropertyDigger observes Oak's NodeStore, digs properties based on type, path and length and creates scan jobs.

NOTE: Ensure to exclude scan jobs in /var/eventing and scan results in /var/clam/results from scanning.

Scanning data

JcrPropertyScanJobConsumer processes scan jobs by reading property values from JCR, sends data to Clam service for scanning and invokes optional scan result handlers.

The service requires read-only access to all paths to be scanned which can be allowed by adding the service user mapping org.apache.sling.clam=sling-readall.

Handling of scan results

EventPublishingScanResultHandler publishes scan results via OSGi Event Admin Service.

ResourcePersistingScanResultHandler persists scan results via ResourceResolver in JCR. The result handler requires write access to a configurable root path for subservice result-writer.


Scanning all binaries and strings in AEM Assets:

curl -v -u username:password -F path=/content/dam -F pattern=^/.*$ -F propertyTypes[]=Binary -F propertyTypes[]=String http://localhost:4502/system/clam-jcr-scan

Observing Sling Clam events:

curl -v -u username:password http://localhost:4502/system/clam-events

Useful Patterns


Integration Tests

Integration tests require a running Clam daemon. By default a Docker container (mk0x/docker-clamav:alpine) is started via Testcontainers and local Docker Engine to provide the Clam daemon.

Use external Clam daemon

To disable Testcontainers and use an external Clam daemon set clamd.testcontainer to false:

mvn clean install -Dclamd.testcontainer=false

To override default Clam daemon host localhost and port 3310 set clamd.host and clamd.port:

mvn clean install -Dclamd.testcontainer=false -Dclamd.host=localhost -Dclamd.port=3310