SQL injection is an attack that targets databases by exploiting poor input validation in web applications. Attackers can insert malicious SQL statements through manipulated user input which gets executed by the backend database. The paper proposes a technique called "Web Service Oriented XPATH Authentication" that uses two filters called Active Guard and Service Detector in application scripts to detect and prevent SQL injection attacks by allowing seamless integration with currently deployed systems.