Hi, has this been the wrong mailing list? I know there exist also "users" and "ftpserver-users", but isn't it more or less a developer question and so should be sent to the "dev" list?
Best regards, Markus 2018-03-05 15:48 GMT+01:00 Markus Rathgeb <maggu2...@gmail.com>: > Hello, > > I would like to use the FtpServer configure the allowed remotes and > users programmatic. > > Utility classes: > * AddressPlusPort: simple object that holds an inet address and a port > (wildcard for address and port is allowed) > * ConnectionInfo: an AddressPlusPort for the local endpoint and an > AddressPlusPort for the remote endpoint > > I created a "SessionFilter" implementation that holds the information > about the allowed connections (a collection of "ConnectionInfo"). > The accept methods checks if there is a match. > > I created an "User" implementation that also stores an "InetAddress" > reference. The "InetAddress" reference is the expected remote peer > that uses that user to login. > > I created an "UserManager" implementation that authenticate method > checks if the remote address matches to the address that is stored in > the user object. > > At least all seems to be working. > > But there is a problem to use this implementation in OSGi. > > The public interface of the "UsernamePasswordAuthentication" interface > (that resides in a exported package) provides the method "public > UserMetadata getUserMetadata()". > > The UserMetadata class itself that contains e.g. the remote address. > But the returned class UserMetadata resides in a non-exported package > (org.apache.ftpserver.usermanager.impl.UserMetadata). AFAIK the > exported (OSGi) API should not use / provide private stuff. > > Would it be possible to create an "UserMetadata" interface that is > defined in an exported package and there is e.g. a non exported > UserMetadataImpl class that is used internally in your code? > > Another problem I run into are the authorities used by the user. > If I create an user I would like to add instances of > "WritePermission", "ConcurrentLoginPermission" and > "TransferRatePermission". > The classes itself resides in a non-exported package, so I cannot > create instances or use that classes in my OSGi code. > > If you would like to have a look at my code it is available here: > https://github.com/maggu2810/ftpserver-programmatic/ > > --- > > The service that is provided as an OSGi component provides that interface: > https://github.com/maggu2810/ftpserver-programmatic/blob/ > f46b3e8/src/main/java/de/maggu2810/playground/ftpserver/programmatic/ > FtpServerService.java > > The consumer can use the functions "add" and "remove" to grant or remove > access. > The access is defined by an "AccessInfo" (the interface itself is > public the specific implementation is private). > > A specific "AccessInfo" could be created using the > "AccessInfoFactory": > https://github.com/maggu2810/ftpserver-programmatic/blob/ > master/src/main/java/de/maggu2810/playground/ftpserver/programmatic/ > AccessInfoFactory.java > > Arguments explained > * local host: used in the session filter to check if the remote > connection is established using this local host. The server is bound > to all interfaces and would like to be able to check if the incoming > connection from IP_x uses "local host" to access ourselves (wildcard > (any address) is supported) > * local port: should fit to the FTP server address or -1 if not limited > * remote host: the remote address used for the session filter and also > to limit the given username to exactly this remote address (wildcard - > (any address) is supported). (currently we "know" that username is > unique for every peer) > * remote port: if the remote port should be a special one or -1 if not > limited > * username: the username (a user implementation object will be created > and added to the user manager implementation) > * password: the password for the user > * homeDir: the home directory for the user to limit the FS access > > --- > > Currently I work around the non exported packages (impl) by embedding > the FTP server code into my bundle. > But how can this done by using the FtpServer bundle itself? > How to create the Authorities? > How to access USerMetadata? > > Best regards, > Markus >