camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bengt Rodehav <be...@rodehav.com>
Subject camel-ftp problems with ftps implicit mode
Date Fri, 04 Jun 2010 09:34:28 GMT
I'm using camel-ftp for secure ftps communication. I need to be able to
connect to a wide range of ftps servers in both explicit and implicit mode.
I have encountered problems using camel-ftp for ftps communication in
implicit mode.

Some ftps servers require that the file transfer is encrypted (not just the
commands). This is of course very natural and is the reason why ftps is
chosen in the first place. However, commons-net (which camel-ftp uses) does
(for some reason) not by default setup a secure channel for file transfers.
It has to be requested by code similar to the following:

  ftpsClient.execPBSZ(0);
  ftpsClient.execPROT("P");

I suggest to add an option to camel-ftp, regarding ftps, to make it possible
to specify whether the data channel will be encrypted or not. Encrypted
should be default.

When looking at the code in camel-ftp it seems like there is no special
handling during connect for ftps compared to ftp. Thus there is no natural
place to put the above code. One way is to add something like the following
at the end of the method "connect" in the class "FtpOperations":

  if(client instanceof FTPSClient) {
    FTPSClient ftpsClient = (FTPSClient)client;
    try {
      if (useSecureDataChannel) { // useSecureDataChannel should be
initialized from the configuration somehow
        ftpsClient.execPBSZ(0);
        ftpsClient.execPROT("P");
      }
    } catch (SSLException e) {
      throw new GenericFileOperationFailedException(client.getReplyCode(),
client.getReplyString(), e.getMessage(), e);
    } catch (IOException e) {
      throw new GenericFileOperationFailedException(client.getReplyCode(),
client.getReplyString(), e.getMessage(), e);
    }
  }

Am I the only one having problems with this? Maybe there is a workaround
that I haven't figured out.

/Bengt

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message