You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by Markus Rathgeb <ma...@gmail.com> on 2018/03/05 14:48:26 UTC
FtpServer: configure programmatic
Hello,
I would like to use the FtpServer configure the allowed remotes and
users programmatic.
Utility classes:
* AddressPlusPort: simple object that holds an inet address and a port
(wildcard for address and port is allowed)
* ConnectionInfo: an AddressPlusPort for the local endpoint and an
AddressPlusPort for the remote endpoint
I created a "SessionFilter" implementation that holds the information
about the allowed connections (a collection of "ConnectionInfo").
The accept methods checks if there is a match.
I created an "User" implementation that also stores an "InetAddress"
reference. The "InetAddress" reference is the expected remote peer
that uses that user to login.
I created an "UserManager" implementation that authenticate method
checks if the remote address matches to the address that is stored in
the user object.
At least all seems to be working.
But there is a problem to use this implementation in OSGi.
The public interface of the "UsernamePasswordAuthentication" interface
(that resides in a exported package) provides the method "public
UserMetadata getUserMetadata()".
The UserMetadata class itself that contains e.g. the remote address.
But the returned class UserMetadata resides in a non-exported package
(org.apache.ftpserver.usermanager.impl.UserMetadata). AFAIK the
exported (OSGi) API should not use / provide private stuff.
Would it be possible to create an "UserMetadata" interface that is
defined in an exported package and there is e.g. a non exported
UserMetadataImpl class that is used internally in your code?
Another problem I run into are the authorities used by the user.
If I create an user I would like to add instances of
"WritePermission", "ConcurrentLoginPermission" and
"TransferRatePermission".
The classes itself resides in a non-exported package, so I cannot
create instances or use that classes in my OSGi code.
If you would like to have a look at my code it is available here:
https://github.com/maggu2810/ftpserver-programmatic/
---
The service that is provided as an OSGi component provides that interface:
https://github.com/maggu2810/ftpserver-programmatic/blob/f46b3e8/src/main/java/de/maggu2810/playground/ftpserver/programmatic/FtpServerService.java
The consumer can use the functions "add" and "remove" to grant or remove access.
The access is defined by an "AccessInfo" (the interface itself is
public the specific implementation is private).
A specific "AccessInfo" could be created using the
"AccessInfoFactory":
https://github.com/maggu2810/ftpserver-programmatic/blob/master/src/main/java/de/maggu2810/playground/ftpserver/programmatic/AccessInfoFactory.java
Arguments explained
* local host: used in the session filter to check if the remote
connection is established using this local host. The server is bound
to all interfaces and would like to be able to check if the incoming
connection from IP_x uses "local host" to access ourselves (wildcard
(any address) is supported)
* local port: should fit to the FTP server address or -1 if not limited
* remote host: the remote address used for the session filter and also
to limit the given username to exactly this remote address (wildcard -
(any address) is supported). (currently we "know" that username is
unique for every peer)
* remote port: if the remote port should be a special one or -1 if not limited
* username: the username (a user implementation object will be created
and added to the user manager implementation)
* password: the password for the user
* homeDir: the home directory for the user to limit the FS access
---
Currently I work around the non exported packages (impl) by embedding
the FTP server code into my bundle.
But how can this done by using the FtpServer bundle itself?
How to create the Authorities?
How to access USerMetadata?
Best regards,
Markus
Re: FtpServer: configure programmatic
Posted by Markus Rathgeb <ma...@gmail.com>.
Thank you for your answer (now I am late).
> The thing is that we lack developpers to support ftp-server atm, so
> that's the reason you haven't got any answer so far.
>
> That being said, it's a open source project, and would you sned us a
> patch with your proposed changes, I can apply them to the code and cut a
> release. It's even possible for you to become a committer on this
> project if you like to.
I have to admit that I am not so deep in that code base to create a PR.
I just to tried to use it for my custom requirements.
Because of lack of time, I cannot dig deeper into the code base and
become a committer. Sorry!
Re: FtpServer: configure programmatic
Posted by Emmanuel Lécharny <el...@gmail.com>.
Hi,
Le 20/03/2018 à 21:47, Markus Rathgeb a écrit :
> Hi,
>
> has this been the wrong mailing list?
Nope.
> I know there exist also "users" and "ftpserver-users", but isn't it more or
> less a developer question and so should be sent to the "dev" list?
That's correct.
The thing is that we lack developpers to support ftp-server atm, so
that's the reason you haven't got any answer so far.
That being said, it's a open source project, and would you sned us a
patch with your proposed changes, I can apply them to the code and cut a
release. It's even possible for you to become a committer on this
project if you like to.
>
> Best regards,
> Markus
>
>
> 2018-03-05 15:48 GMT+01:00 Markus Rathgeb <ma...@gmail.com>:
>
>> Hello,
>>
>> I would like to use the FtpServer configure the allowed remotes and
>> users programmatic.
>>
>> Utility classes:
>> * AddressPlusPort: simple object that holds an inet address and a port
>> (wildcard for address and port is allowed)
>> * ConnectionInfo: an AddressPlusPort for the local endpoint and an
>> AddressPlusPort for the remote endpoint
>>
>> I created a "SessionFilter" implementation that holds the information
>> about the allowed connections (a collection of "ConnectionInfo").
>> The accept methods checks if there is a match.
>>
>> I created an "User" implementation that also stores an "InetAddress"
>> reference. The "InetAddress" reference is the expected remote peer
>> that uses that user to login.
>>
>> I created an "UserManager" implementation that authenticate method
>> checks if the remote address matches to the address that is stored in
>> the user object.
>>
>> At least all seems to be working.
>>
>> But there is a problem to use this implementation in OSGi.
>>
>> The public interface of the "UsernamePasswordAuthentication" interface
>> (that resides in a exported package) provides the method "public
>> UserMetadata getUserMetadata()".
>>
>> The UserMetadata class itself that contains e.g. the remote address.
>> But the returned class UserMetadata resides in a non-exported package
>> (org.apache.ftpserver.usermanager.impl.UserMetadata). AFAIK the
>> exported (OSGi) API should not use / provide private stuff.
>>
>> Would it be possible to create an "UserMetadata" interface that is
>> defined in an exported package and there is e.g. a non exported
>> UserMetadataImpl class that is used internally in your code?
>>
>> Another problem I run into are the authorities used by the user.
>> If I create an user I would like to add instances of
>> "WritePermission", "ConcurrentLoginPermission" and
>> "TransferRatePermission".
>> The classes itself resides in a non-exported package, so I cannot
>> create instances or use that classes in my OSGi code.
>>
>> If you would like to have a look at my code it is available here:
>> https://github.com/maggu2810/ftpserver-programmatic/
>>
>> ---
>>
>> The service that is provided as an OSGi component provides that interface:
>> https://github.com/maggu2810/ftpserver-programmatic/blob/
>> f46b3e8/src/main/java/de/maggu2810/playground/ftpserver/programmatic/
>> FtpServerService.java
>>
>> The consumer can use the functions "add" and "remove" to grant or remove
>> access.
>> The access is defined by an "AccessInfo" (the interface itself is
>> public the specific implementation is private).
>>
>> A specific "AccessInfo" could be created using the
>> "AccessInfoFactory":
>> https://github.com/maggu2810/ftpserver-programmatic/blob/
>> master/src/main/java/de/maggu2810/playground/ftpserver/programmatic/
>> AccessInfoFactory.java
>>
>> Arguments explained
>> * local host: used in the session filter to check if the remote
>> connection is established using this local host. The server is bound
>> to all interfaces and would like to be able to check if the incoming
>> connection from IP_x uses "local host" to access ourselves (wildcard
>> (any address) is supported)
>> * local port: should fit to the FTP server address or -1 if not limited
>> * remote host: the remote address used for the session filter and also
>> to limit the given username to exactly this remote address (wildcard -
>> (any address) is supported). (currently we "know" that username is
>> unique for every peer)
>> * remote port: if the remote port should be a special one or -1 if not
>> limited
>> * username: the username (a user implementation object will be created
>> and added to the user manager implementation)
>> * password: the password for the user
>> * homeDir: the home directory for the user to limit the FS access
>>
>> ---
>>
>> Currently I work around the non exported packages (impl) by embedding
>> the FTP server code into my bundle.
>> But how can this done by using the FtpServer bundle itself?
>> How to create the Authorities?
>> How to access USerMetadata?
>>
>> Best regards,
>> Markus
>>
>
--
Emmanuel Lecharny
Symas.com
directory.apache.org
Re: FtpServer: configure programmatic
Posted by Markus Rathgeb <ma...@gmail.com>.
Hi,
has this been the wrong mailing list?
I know there exist also "users" and "ftpserver-users", but isn't it more or
less a developer question and so should be sent to the "dev" list?
Best regards,
Markus
2018-03-05 15:48 GMT+01:00 Markus Rathgeb <ma...@gmail.com>:
> Hello,
>
> I would like to use the FtpServer configure the allowed remotes and
> users programmatic.
>
> Utility classes:
> * AddressPlusPort: simple object that holds an inet address and a port
> (wildcard for address and port is allowed)
> * ConnectionInfo: an AddressPlusPort for the local endpoint and an
> AddressPlusPort for the remote endpoint
>
> I created a "SessionFilter" implementation that holds the information
> about the allowed connections (a collection of "ConnectionInfo").
> The accept methods checks if there is a match.
>
> I created an "User" implementation that also stores an "InetAddress"
> reference. The "InetAddress" reference is the expected remote peer
> that uses that user to login.
>
> I created an "UserManager" implementation that authenticate method
> checks if the remote address matches to the address that is stored in
> the user object.
>
> At least all seems to be working.
>
> But there is a problem to use this implementation in OSGi.
>
> The public interface of the "UsernamePasswordAuthentication" interface
> (that resides in a exported package) provides the method "public
> UserMetadata getUserMetadata()".
>
> The UserMetadata class itself that contains e.g. the remote address.
> But the returned class UserMetadata resides in a non-exported package
> (org.apache.ftpserver.usermanager.impl.UserMetadata). AFAIK the
> exported (OSGi) API should not use / provide private stuff.
>
> Would it be possible to create an "UserMetadata" interface that is
> defined in an exported package and there is e.g. a non exported
> UserMetadataImpl class that is used internally in your code?
>
> Another problem I run into are the authorities used by the user.
> If I create an user I would like to add instances of
> "WritePermission", "ConcurrentLoginPermission" and
> "TransferRatePermission".
> The classes itself resides in a non-exported package, so I cannot
> create instances or use that classes in my OSGi code.
>
> If you would like to have a look at my code it is available here:
> https://github.com/maggu2810/ftpserver-programmatic/
>
> ---
>
> The service that is provided as an OSGi component provides that interface:
> https://github.com/maggu2810/ftpserver-programmatic/blob/
> f46b3e8/src/main/java/de/maggu2810/playground/ftpserver/programmatic/
> FtpServerService.java
>
> The consumer can use the functions "add" and "remove" to grant or remove
> access.
> The access is defined by an "AccessInfo" (the interface itself is
> public the specific implementation is private).
>
> A specific "AccessInfo" could be created using the
> "AccessInfoFactory":
> https://github.com/maggu2810/ftpserver-programmatic/blob/
> master/src/main/java/de/maggu2810/playground/ftpserver/programmatic/
> AccessInfoFactory.java
>
> Arguments explained
> * local host: used in the session filter to check if the remote
> connection is established using this local host. The server is bound
> to all interfaces and would like to be able to check if the incoming
> connection from IP_x uses "local host" to access ourselves (wildcard
> (any address) is supported)
> * local port: should fit to the FTP server address or -1 if not limited
> * remote host: the remote address used for the session filter and also
> to limit the given username to exactly this remote address (wildcard -
> (any address) is supported). (currently we "know" that username is
> unique for every peer)
> * remote port: if the remote port should be a special one or -1 if not
> limited
> * username: the username (a user implementation object will be created
> and added to the user manager implementation)
> * password: the password for the user
> * homeDir: the home directory for the user to limit the FS access
>
> ---
>
> Currently I work around the non exported packages (impl) by embedding
> the FTP server code into my bundle.
> But how can this done by using the FtpServer bundle itself?
> How to create the Authorities?
> How to access USerMetadata?
>
> Best regards,
> Markus
>