View on GitHub


AQL-WebService wrapper for AQL-Systems

Download this project as a .zip file Download this project as a tar.gz file

java 17



The Android App Analysis Query Language WebService (AQL-WebService) is a wrapper for AQL-Systems. It makes an AQL-System accessible over the Internet by allowing access through an REST API. In this regard, networks of analysis tools can be build by coupling one or more frontends with arbitrary many AQL-WebServices. AQL-WebServices can also be chained as indicated in the figure below. One example for such a analysis tool network is known as CoDiDroid.


Configuration, Launch Parameters and Runtime Commands

Any AQL-WebService must be configured by the parameters in its file. The file will be created with default values if it does not exist. The following table explains each of the configurable parameters:

Entry Meaning
aqlPath = /path/to/aql Defines the path to the directory where the underlying AQL-System’s storage or temp files etc. should be stored.
timeout = 20m Defines how long to wait for an answer. Three different units can be used (s: seconds, m: minutes, h: hours).
queueStart = 10000 Determines the first id that will be associated with the first query received. Thereafter it is increased with each query.
allowedURLs = http://localhost Defines which remote host are allowed to issue queries to this webservice (Separator: ,).
port = 8080 Definition of the port to listen on.
bufferTime = 1000 Time in milliseconds to collect incoming queries before transferring them to the underlying AQL-System. Required to allow parallel question answering.
asyncEnabled = false Specifies whether the asynchronous mode is enabled or not (required by AQL-Online).
keystorePath To activate SSL encryption please provide a path to the keystore (help).
keystorePass Provide the password associated with the keystore.
truststorePath To activate SSL encryption please provide a path to the truststore (help - most of the time identical with keystorePath).
truststorePass Provide the password associated with the truststore.

Who is allowed to access a WebService is specified in the accounts.csv file. The following table shows an example of the content of such a file. If the file does not exist it will be created holding only the last line of the following example.

username password maxPerDay maxQuestionsPerQuery timestamp counter
free[111.222.333.444]   5 3 1621401457241 2
free   5 3 0 0
aql 8ab8ea678… 0 0 1621401458360 18

The last line represents an account with the username aql and password S3cR3T! (stored as SHA256-hash). The line starting with free signals that the webservice can be accessed without an existing account. Lines such as free[111.222.333.444] are automatically added once a user accesses the webservice via the free account. From its first access the user will be remembered by its IP. The columns maxPerDay (maximal number of queries per day) and maxQuestionsPerQuery (maximal number of questions in each query asked) define the limits of a user. The timestamp and counter column denote the time of the first access during the last 24 hours and how many queries have been scheduled since then.

Once an AQL-WebService is configured, certain launch parameters can be used to further influence its execution. The table below explains the available launch parameters:

Parameter Meaning
-config "X", -cfg "X", -c "X" By default the config.xml file in the tool’s directory is used as configuration. With this parameter a different configuration file can be chosen. X has to reference the path to and the configuration file itself.
-rules "X" By default the rule-set in rules.xml file is loaded. With this parameter a different rule file can be chosen. X has to reference the path to and the rule file itself.
-debug "X", -d "X" The output generated during the execution of this tool can be set to different levels. X may be set to: error, warning, normal, debug, detailed (ascending precision from left to right). Additionally it can be set to short, the output will then be equal to normal but shorter at some points. By default it is set to normal.
-backup, -b When this launch parameter is provided, the current storage of the underlying AQL-System is backed up on start.
-reset, -r By this parameter the storage of the underlying AQL-System is resetted on start. Whenever a backup is scheduled as well, it will be generated before the reset.

When the AQL-WebService is up and running the following commands can be used to perform the associated actions:

Command Action
help Shows a list of available commands and other helpful information.
exit, quit To stop the webservice.
user %NAME% %PASSWORD% Initializes a new user (e.g. user FoelliX password123).
port %PORT% The port, to which the webservice is listening to, is changed to %PORT% (e.g. port 8081).
info Shows some basic information.
tools Shows a list of all tools in the current config.
accounts Shows a table of all accounts (To edit accounts please edit accounts.csv).
tasks Shows the current execution task tree.
backup Backups the underlying AQL-System’s storage.
reset Resets the underlying AQL-System.



The AQL-WebService is licensed under the GNU General Public License v3 (see LICENSE).


Felix Pauck (FoelliX)
Paderborn University