You are viewing a plain text version of this content. The canonical link for it is here.
Posted to ftpserver-users@mina.apache.org by Jeroen Cranendonk <j....@tursiops.org> on 2008/08/06 19:09:53 UTC
download files only after (explicit) ssl is setup.
Hi!
We are looking at your ftpserver as a way to distribute operation
results, in a (very) secure way.
We've managed to get SSL working, together with certificate based
server, and client side authentication.
One requirement we have is that explicit authentication (AUTH/PROT P) is
used, this is based on the fact that the client doesn't support implicit
authentication.
One thing we now want to do is to only allow a user to read files once
they have set up a fully secured connection, both on the Command (AUTH)
and data (PROT P) channel.
I think I can get quite a way doing this using a ftplet, but I'd
appreciate your thoughts on the best way to do this :)
The FtpSession gives me knowledge on wether the command and data channel
are secured (I hope :) ).
And I can return skip or disconnect from the ftplet in the
onDownloadStart etc. methods (I'd prefer a return value that gives a
unauthorized or so error to the user, but disconnect or skip will
probably suffice).
I've thought about checking on the onLogin too, but that won't work
since PROT P is done after the login (or atleast with the client used).
So, any thoughts ? :)
Cheers!
Jeroen.
Re: FTP error code from Ftplet?
Posted by Niklas Gustavsson <ni...@protocol7.com>.
Thanks for reporting! I've fixed this issue in trunk. I haven't
checked but I believe I introduced it in a recent refactoring. We
really need more test cases for Ftplets :-(
So, now you can do this again in a Ftplet:
session.write(new DefaultFtpReply(550, "Bad bad client!"));
return FtpletEnum.RET_SKIP;
/niklas
On Thu, Aug 7, 2008 at 4:36 PM, Jeroen Cranendonk
<je...@sdu-identification.nl> wrote:
> Hi!
>
> I think this should be easy, but with the current code I can't figure it out
> :)
>
> How does on return say a 550 + message from a ftplet?
>
> In the old code you had an object available in the ftplet you could call
> write(FtpReply(..)) on, and combined with a SKIP return code, that would do
> the trick.
>
> In the current code I can't find anything to do that, help ? :)
>
>
> A example of a Ftplet with some basic demo functionality would be pretty
> usefull :)
>
> Thanks!
> Jeroen
>
>
>
> _______________________________________________________________________________________________
> Help save paper! Do you really need to print this email?
>
> Aan de inhoud van dit bericht kunnen alleen rechten ten opzichte van Sdu Identification B.V.
> worden ontleend, indien zij door rechtsgeldig ondertekende stukken worden ondersteund.
> De informatie in dit e-mailbericht is van vertrouwelijke aard en alleen bedoeld voor gebruik
> door geadresseerde. Als u een bericht onbedoeld heeft ontvangen, wordt u verzocht de
> verzender hiervan in kennis te stellen en het bericht te vernietigen zonder te vermenigvuldigen
> of andersoortig te gebruiken.
>
> The contents of this electronic mail message are only binding upon Sdu Identification B.V.,
> if the contents of the message are accompanied by a lawfully recognized type of signature.
> The contents of this electronic mail message are privileged and confidential and are intended
> only for use by the addressee. If you have received this electronic mail message by error,
> please notify the sender and delete the message without reproducing it and using it in any way.
>
>
Re: Ftplet blocking unsecure operations
Posted by Niklas Gustavsson <ni...@protocol7.com>.
I've added a few convenience methods, somewhat like what you suggested
below, you can now use the following code in a Ftplet:
if(session.isSecure() && session.getDataConnection().isSecure()) {
// all is good
}
Thanks for your suggestion, keep em coming :-)
/niklas
On Thu, Aug 7, 2008 at 4:59 PM, Jeroen Cranendonk
<je...@sdu-identification.nl> wrote:
> Hi!
>
> Me again :)
>
> I've cobbled together some code which should give an idea of what I'm trying
> to achieve, haven't tested it yet though. And I do realize this probably
> breaks your design in all kinds of ways :)
>
> Firstly, I've added the following to FtpSessionImpl:
> public boolean isDataConnectionSecure() {
> return ioSession.getDataConnection().isSecure();
> }
>
> public boolean isSecure() {
> return
> ioSession.getFilterChain().contains("sslSessionFilter");
> }
>
> public void write(final Object message) {
> ioSession.write(message);
> }
>
> And then my Ftplet looks like this (and it probably won't compile unless
> it's against the full ftpserver code):
>
> public class MyFtplet extends DefaultFtplet implements Ftplet {
>
> @Override
> public FtpletEnum onUploadStart(final FtpSession session, final
> FtpRequest request) throws FtpException,
> IOException {
>
> return this.onLimitedStart(session, request);
> }
>
> private FtpletEnum onLimitedStart(final FtpSession session, final
> FtpRequest request) {
>
> if (session.isSecure() && session.isDataConnectionSecure())
> {
> return FtpletEnum.RET_DEFAULT;
> }
>
> session.write(new
> DefaultFtpReply(FtpReply.REPLY_550_REQUESTED_ACTION_NOT_TAKEN,
> "Cannot do this before securing the connection."));
> return FtpletEnum.RET_SKIP;
> }
>
> }
>
>
>
>
> _______________________________________________________________________________________________
> Help save paper! Do you really need to print this email?
>
> Aan de inhoud van dit bericht kunnen alleen rechten ten opzichte van Sdu Identification B.V.
> worden ontleend, indien zij door rechtsgeldig ondertekende stukken worden ondersteund.
> De informatie in dit e-mailbericht is van vertrouwelijke aard en alleen bedoeld voor gebruik
> door geadresseerde. Als u een bericht onbedoeld heeft ontvangen, wordt u verzocht de
> verzender hiervan in kennis te stellen en het bericht te vernietigen zonder te vermenigvuldigen
> of andersoortig te gebruiken.
>
> The contents of this electronic mail message are only binding upon Sdu Identification B.V.,
> if the contents of the message are accompanied by a lawfully recognized type of signature.
> The contents of this electronic mail message are privileged and confidential and are intended
> only for use by the addressee. If you have received this electronic mail message by error,
> please notify the sender and delete the message without reproducing it and using it in any way.
>
>
Ftplet blocking unsecure operations
Posted by Jeroen Cranendonk <je...@sdu-identification.nl>.
Hi!
Me again :)
I've cobbled together some code which should give an idea of what I'm trying
to achieve, haven't tested it yet though. And I do realize this probably
breaks your design in all kinds of ways :)
Firstly, I've added the following to FtpSessionImpl:
public boolean isDataConnectionSecure() {
return ioSession.getDataConnection().isSecure();
}
public boolean isSecure() {
return
ioSession.getFilterChain().contains("sslSessionFilter");
}
public void write(final Object message) {
ioSession.write(message);
}
And then my Ftplet looks like this (and it probably won't compile unless
it's against the full ftpserver code):
public class MyFtplet extends DefaultFtplet implements Ftplet {
@Override
public FtpletEnum onUploadStart(final FtpSession session, final
FtpRequest request) throws FtpException,
IOException {
return this.onLimitedStart(session, request);
}
private FtpletEnum onLimitedStart(final FtpSession session, final
FtpRequest request) {
if (session.isSecure() && session.isDataConnectionSecure())
{
return FtpletEnum.RET_DEFAULT;
}
session.write(new
DefaultFtpReply(FtpReply.REPLY_550_REQUESTED_ACTION_NOT_TAKEN,
"Cannot do this before securing the connection."));
return FtpletEnum.RET_SKIP;
}
}
_______________________________________________________________________________________________
Help save paper! Do you really need to print this email?
Aan de inhoud van dit bericht kunnen alleen rechten ten opzichte van Sdu Identification B.V.
worden ontleend, indien zij door rechtsgeldig ondertekende stukken worden ondersteund.
De informatie in dit e-mailbericht is van vertrouwelijke aard en alleen bedoeld voor gebruik
door geadresseerde. Als u een bericht onbedoeld heeft ontvangen, wordt u verzocht de
verzender hiervan in kennis te stellen en het bericht te vernietigen zonder te vermenigvuldigen
of andersoortig te gebruiken.
The contents of this electronic mail message are only binding upon Sdu Identification B.V.,
if the contents of the message are accompanied by a lawfully recognized type of signature.
The contents of this electronic mail message are privileged and confidential and are intended
only for use by the addressee. If you have received this electronic mail message by error,
please notify the sender and delete the message without reproducing it and using it in any way.
FTP error code from Ftplet?
Posted by Jeroen Cranendonk <je...@sdu-identification.nl>.
Hi!
I think this should be easy, but with the current code I can't figure it out
:)
How does on return say a 550 + message from a ftplet?
In the old code you had an object available in the ftplet you could call
write(FtpReply(..)) on, and combined with a SKIP return code, that would do
the trick.
In the current code I can't find anything to do that, help ? :)
A example of a Ftplet with some basic demo functionality would be pretty
usefull :)
Thanks!
Jeroen
_______________________________________________________________________________________________
Help save paper! Do you really need to print this email?
Aan de inhoud van dit bericht kunnen alleen rechten ten opzichte van Sdu Identification B.V.
worden ontleend, indien zij door rechtsgeldig ondertekende stukken worden ondersteund.
De informatie in dit e-mailbericht is van vertrouwelijke aard en alleen bedoeld voor gebruik
door geadresseerde. Als u een bericht onbedoeld heeft ontvangen, wordt u verzocht de
verzender hiervan in kennis te stellen en het bericht te vernietigen zonder te vermenigvuldigen
of andersoortig te gebruiken.
The contents of this electronic mail message are only binding upon Sdu Identification B.V.,
if the contents of the message are accompanied by a lawfully recognized type of signature.
The contents of this electronic mail message are privileged and confidential and are intended
only for use by the addressee. If you have received this electronic mail message by error,
please notify the sender and delete the message without reproducing it and using it in any way.
Re: download files only after (explicit) ssl is setup.
Posted by Jeroen Cranendonk <j....@tursiops.org>.
Hi! :)
Hmm, yes, something like isSecure would probably help a lot :)
also realized I can probably make ftpservlet's return the error/return
code to the user I want by using the response object, hadn't realized
that yet .Atleast, I think so, still looking into that.
A option to disalow any other action (as in other commands? what would
you disable, user/pass are already done by then right?) would fit the
bill too indeed, as long as it's not possible to download files
unsecured, that's the main goal :)
Could something like that be considered a 'standard' option tho?
otherwise a ftplet would make more sence, since those are all about
customization (And would make a nice showcase for ftplets :) ).
Cheers!
Jeroen
Niklas Gustavsson wrote:
> On Wed, Aug 6, 2008 at 7:09 PM, Jeroen Cranendonk
> <j....@tursiops.org> wrote:
>
>> One thing we now want to do is to only allow a user to read files once they
>> have set up a fully secured connection, both on the Command (AUTH) and data
>> (PROT P) channel.
>> I think I can get quite a way doing this using a ftplet, but I'd appreciate
>> your thoughts on the best way to do this :)
>> The FtpSession gives me knowledge on wether the command and data channel are
>> secured (I hope :) ).
>> And I can return skip or disconnect from the ftplet in the onDownloadStart
>> etc. methods (I'd prefer a return value that gives a unauthorized or so
>> error to the user, but disconnect or skip will probably suffice).
>>
>
> Yes, that sounds like a good option. We have previously had a request
> for FtpServer to have an option to check this on it own. That is, you
> would configure the server to disallow any further action until AUTH
> and PROT has been sent from the client. Please tell us if you think
> this would be beneficial in your case.
>
> As for using Ftplets, it's currently not all that simple to detect
> that the control socket is secure, we should maybe add a isSecure() to
> allow checking that. What do you think?
>
> /niklas
>
>
Re: download files only after (explicit) ssl is setup.
Posted by Niklas Gustavsson <ni...@protocol7.com>.
On Wed, Aug 6, 2008 at 7:09 PM, Jeroen Cranendonk
<j....@tursiops.org> wrote:
> One thing we now want to do is to only allow a user to read files once they
> have set up a fully secured connection, both on the Command (AUTH) and data
> (PROT P) channel.
> I think I can get quite a way doing this using a ftplet, but I'd appreciate
> your thoughts on the best way to do this :)
> The FtpSession gives me knowledge on wether the command and data channel are
> secured (I hope :) ).
> And I can return skip or disconnect from the ftplet in the onDownloadStart
> etc. methods (I'd prefer a return value that gives a unauthorized or so
> error to the user, but disconnect or skip will probably suffice).
Yes, that sounds like a good option. We have previously had a request
for FtpServer to have an option to check this on it own. That is, you
would configure the server to disallow any further action until AUTH
and PROT has been sent from the client. Please tell us if you think
this would be beneficial in your case.
As for using Ftplets, it's currently not all that simple to detect
that the control socket is secure, we should maybe add a isSecure() to
allow checking that. What do you think?
/niklas