Hi, Le 20/03/2018 à 21:47, Markus Rathgeb a écrit : > Hi, > > has this been the wrong mailing list?
Nope. > I know there exist also "users" and "ftpserver-users", but isn't it more or > less a developer question and so should be sent to the "dev" list? That's correct. The thing is that we lack developpers to support ftp-server atm, so that's the reason you haven't got any answer so far. That being said, it's a open source project, and would you sned us a patch with your proposed changes, I can apply them to the code and cut a release. It's even possible for you to become a committer on this project if you like to. > > Best regards, > Markus > > > 2018-03-05 15:48 GMT+01:00 Markus Rathgeb <maggu2...@gmail.com>: > >> Hello, >> >> I would like to use the FtpServer configure the allowed remotes and >> users programmatic. >> >> Utility classes: >> * AddressPlusPort: simple object that holds an inet address and a port >> (wildcard for address and port is allowed) >> * ConnectionInfo: an AddressPlusPort for the local endpoint and an >> AddressPlusPort for the remote endpoint >> >> I created a "SessionFilter" implementation that holds the information >> about the allowed connections (a collection of "ConnectionInfo"). >> The accept methods checks if there is a match. >> >> I created an "User" implementation that also stores an "InetAddress" >> reference. The "InetAddress" reference is the expected remote peer >> that uses that user to login. >> >> I created an "UserManager" implementation that authenticate method >> checks if the remote address matches to the address that is stored in >> the user object. >> >> At least all seems to be working. >> >> But there is a problem to use this implementation in OSGi. >> >> The public interface of the "UsernamePasswordAuthentication" interface >> (that resides in a exported package) provides the method "public >> UserMetadata getUserMetadata()". >> >> The UserMetadata class itself that contains e.g. the remote address. >> But the returned class UserMetadata resides in a non-exported package >> (org.apache.ftpserver.usermanager.impl.UserMetadata). AFAIK the >> exported (OSGi) API should not use / provide private stuff. >> >> Would it be possible to create an "UserMetadata" interface that is >> defined in an exported package and there is e.g. a non exported >> UserMetadataImpl class that is used internally in your code? >> >> Another problem I run into are the authorities used by the user. >> If I create an user I would like to add instances of >> "WritePermission", "ConcurrentLoginPermission" and >> "TransferRatePermission". >> The classes itself resides in a non-exported package, so I cannot >> create instances or use that classes in my OSGi code. >> >> If you would like to have a look at my code it is available here: >> https://github.com/maggu2810/ftpserver-programmatic/ >> >> --- >> >> The service that is provided as an OSGi component provides that interface: >> https://github.com/maggu2810/ftpserver-programmatic/blob/ >> f46b3e8/src/main/java/de/maggu2810/playground/ftpserver/programmatic/ >> FtpServerService.java >> >> The consumer can use the functions "add" and "remove" to grant or remove >> access. >> The access is defined by an "AccessInfo" (the interface itself is >> public the specific implementation is private). >> >> A specific "AccessInfo" could be created using the >> "AccessInfoFactory": >> https://github.com/maggu2810/ftpserver-programmatic/blob/ >> master/src/main/java/de/maggu2810/playground/ftpserver/programmatic/ >> AccessInfoFactory.java >> >> Arguments explained >> * local host: used in the session filter to check if the remote >> connection is established using this local host. The server is bound >> to all interfaces and would like to be able to check if the incoming >> connection from IP_x uses "local host" to access ourselves (wildcard >> (any address) is supported) >> * local port: should fit to the FTP server address or -1 if not limited >> * remote host: the remote address used for the session filter and also >> to limit the given username to exactly this remote address (wildcard - >> (any address) is supported). (currently we "know" that username is >> unique for every peer) >> * remote port: if the remote port should be a special one or -1 if not >> limited >> * username: the username (a user implementation object will be created >> and added to the user manager implementation) >> * password: the password for the user >> * homeDir: the home directory for the user to limit the FS access >> >> --- >> >> Currently I work around the non exported packages (impl) by embedding >> the FTP server code into my bundle. >> But how can this done by using the FtpServer bundle itself? >> How to create the Authorities? >> How to access USerMetadata? >> >> Best regards, >> Markus >> > -- Emmanuel Lecharny Symas.com directory.apache.org
