oracle.ifs.protocols.ftp.server

Class FtpsServer

java.lang.Object

oracle.ifs.core.runtime.Server

oracle.ifs.core.runtime.IfsServer

oracle.ifs.protocols.ftp.server.FtpServer

oracle.ifs.protocols.ftp.server.FtpsServer

All Implemented Interfaces:

Serializable, ServerInterface, TimerContext, FtpConstants

public class FtpsServer
extends FtpServer
implements FtpConstants

The FtpsServer is an extension of the FtpServer. It implements the FTPS protocol as defined in Securing FTP with TLS specification, which is based on RFC 2228, FTP Security Extensions. FTPS protocol defines a mechanism for securing the control and data connections of a FTP session. FTPS uses SSL to provide a confidential, and integrity protected channel. We support two flavors of FTPS. Implicit FTPS secures the channel on connection. Explicit FTPS secures the connection when the client issues an AUTH command.

An Explicit FTPS connection starts out as a regular FTP connection. The connection is secure only after the client issues an AUTH command. Server Implementations are free to define their Security policy, which controls what a client can do before the channel is secure. At least for the initial release we have defined a very strict policy, that is not configurable.

Several aspects of the SSL Context are configurable. See SocketFactory for details. Again, we will mostly use the defaults, and provide little or no configurability in the first release.

Architecturally, we have refactored the FtpServer to allow:

• Changes in how the initial Server Socket is created. We have introduced the getServerSocketFactory method that is called during establishing the Server Socket. FtpsServer overrides this method to create an SSLServerSocket if needed.
• Creation of the ServerChannel can be ovverriden by changing the createChannel method. FtpsServer, creates a FtpsServerChannel. This class changes the way Data Sockets are created, and enforces the Security policy of the Connection.
• FtpsServer registers four extra commands: AUTH, PROT, PBSZ, and CCC.
• An FtpsServer relies on the same system parameters as an FtpServer. We have added one extra parameter, IFS.SERVER.PROTOCOL.FTPS.SECURITY.IMPLICIT which controls whether the FtpsServer supports the Implcit or Explicit FTPS protocol. The default value is false.

The Policy used by our server is the following:

• Deny any command before TLS is negotiated.
• We don't support reiisue of AUTH. See Auth command for details.
• We support TLS, and TLS-C protocols.
• We support Implicit-FTP. Where SSL handshake happens when client connects. Also called 'SSL Connect'
• We don't support 'AUTH SSL'. Where the client sends only an AUTH command, usually with protocol 'TLS-P'.
• We only support the 'Private' protection level for the data channel.
• We don't support the clearing of the security on the Control Channel, ie CCC returns replyCode 534.

Created: Sun Nov 28 18:48:29 2004

Version:

1.0

Author:

Harish Butani

See Also:

Serialized Form

(Unpublished)

Nested Class Summary

Nested classes/interfaces inherited from class oracle.ifs.core.runtime.IfsServer

IfsServer.ServerRequest

Field Summary

Fields

Modifier and Type	Field and Description
protected boolean	m_IsSecurityImplicit Controls whether connection is implicity secure(Implicit SSL) or is initiated by AUTH command.
protected SSLContext	m_SSLContext

Fields inherited from class oracle.ifs.protocols.ftp.server.FtpServer

m_AcceptQueueSize, m_AnonymousAllowed, m_BindAddress, m_Channels, m_ChannelSequence, m_CommandInvoker, m_ControlPort, m_ControlServerSocket, m_DefaultCommandCharacterSet, m_FtpResources, m_FtpSessions, m_HostAddress, m_HostName, m_Locale, m_LocaleCountry, m_LocaleLanguage, m_Localhost, m_MaximumConnections, m_Random, m_SessionTimeoutPeriod, m_Version

Fields inherited from class oracle.ifs.core.runtime.Server

LEVEL_HIGH, LEVEL_LOW, LEVEL_MEDIUM, LEVEL_OFF

Fields inherited from interface oracle.ifs.protocols.ftp.resources.FtpConstants

ACCEPT_QUEUE_SIZE, ACCESS_DENIED, ADMIN_COMMAND, ADMIN_OFF, ADMIN_ON, ANONYMOUS_ALLOWED, ANONYMOUS_USER_NOT_ALLOWED, ANONYMOUS_USERNAME, AUTH_COMMAND, BANNER_TEXT, CCC_COMMAND, CDUP_COMMAND, COMMAND_CHARACTER_SET_IS_USER_CHARACTER_SET, CWD_COMMAND, DATA_SOCKET_ERR, DEFAULT_COMMAND_CHARACTER_SET, DEFAULT_PORT, DELE_COMMAND, ERR_SETTING_SOCKET_ACTIVE, ERR_SETTING_SOCKET_PASV, ERR_SSL_SOCKETS, FILE_NOT_FOUND, FILE_RETR_FAIL, FILE_STOR_FAIL, FOLDER_FOUND, FOLDER_HAS_ITEMS, FOLDER_NOT_FOUND, FOLDERLINKS_EXIST, FTP_DESCRIPTIVE_NAME, FTP_NAME, FTP_STATUS, FTPS_NAME, HOST_ADDRESS, HOST_NAME, IMPLICIT_SECURITY, INVALID_ARGUMENT, LAST, LATIN_1, LIBRARY_VERSION, LINK_IS_BROKEN, LIST_COMMAND, LIST_FAIL, LN_COMMAND, LOCALE_COUNTRY, LOCALE_LANGUAGE, LOCALHOST, LOCALHOST_DEFAULT, LOGIN_FAILED, MAXIMUM_CONNECTIONS, MKD_COMMAND, NLST_COMMAND, NO_ERR, NOOP_COMMAND, NORMALIZE_PATH_ERR, NOT_DOCUMENT_TYPE, NOT_FOLDER_TYPE, NOT_LOGGED_IN, PASS_COMMAND, PASV_COMMAND, PBSZ_COMMAND, PORT, PORT_COMMAND, PROT_COMMAND, PWD_COMMAND, QUIT_COMMAND, REQ_DENIED_BY_POLICY, RETR_COMMAND, RMD_COMMAND, RNFR_COMMAND, RNTO_COMMAND, ROOT_FOLDER, SESSION_TIMEOUT_PERIOD, SETCHARACTERSET_COMMAND, SETCOMMANDCHARACTERSET_COMMAND, SETLANGUAGE_COMMAND, SHOWCHARACTERSET_COMMAND, SHOWLANGUAGE_COMMAND, STATS_COMMAND, STOR_COMMAND, SYST_COMMAND, SYSTEM_USERNAME, TOO_MANY_ARGUMENTS, TYPE_COMMAND, UNKNOWN_FLAG, USER_COMMAND, WALLET_LOCATION, XMKD_COMMAND, XPWD_COMMAND, XRMD_COMMAND

Fields inherited from interface oracle.ifs.core.runtime.ServerInterface

SERVERSTATUS_DISPOSED, SERVERSTATUS_RUNNING, SERVERSTATUS_STARTING, SERVERSTATUS_STOPPED, SERVERSTATUS_STOPPING, SERVERSTATUS_SUSPENDED, SERVERSTATUS_UNKNOWN

Constructor Summary

Constructors

Constructor and Description
FtpsServer()

Method Summary

Modifier and Type	Method and Description
protected FtpServerChannel	createChannel(Socket commandSocket, String threadName, int channelSequence, boolean reachedMaximumConnections) Create a channel.
String	getServerName() Gets the FTPS server's name.
protected ServerSocketFactory	getServerSocketFactory() Gets the server socket factory.
SSLContext	getSSLContext() Returns the SSLContext
String	getWalletLocationKey()
protected boolean	hasImplicitSecurity()
void	initialize() Initializes this Server.
protected void	initializeSSLContext(String walletLocation, String walletPassword)
protected void	logStartupMsg()
static void	main(String[] args)
protected void	registerCommands() Register the Commands that this Server invokes.

Methods inherited from class oracle.ifs.protocols.ftp.server.FtpServer

addFtpSession, clearDerivedProperties, closeSocketServer, commandCharacterSetIsUserCharacterSet, dispose, establishServerSocket, getAcceptQueueSizeKey, getAnonymousAllowedKey, getBannerText, getBindAddress, getCachePerformance, getCommandCharacterSetIsUserCharacterSetKey, getCommandInvoker, getConnectionPoolPerformance, getControlPort, getCurrentSessionsCount, getDefaultCommandCharacterSet, getDefaultCommandCharacterSetKey, getDefaultPort, getDescriptiveName, getGuestSession, getHostAddressKey, getHostname, getHostNameKey, getLibraryVersionKey, getLocale, getLocalhostKey, getLogger, getLoggerForLegacyLogging, getMaximumConnections, getMaximumConnectionsKey, getPortKey, getResourceString, getResourceString, getSessionTimeoutKey, getSessionTimeoutPeriodProperty, handlePropertyChangeRequest, handlePropertyChangeRequest, handleStopRequest, isAnonymousAllowed, isPropertyReadonly, postRun, preRun, releaseGuestSession, removeChannel, removeFtpSession, run, shouldHandlePropertyRequest, shutdown

Methods inherited from class oracle.ifs.core.runtime.IfsServer

checkSession, connectSession, constructSession, convertTimerInterval, convertTimerInterval, convertTimerInterval, getLastTimerActivation, getNextTimerActivation, getService, getTimerActivationPeriod, getTimerClassName, getTimerConfiguration, handlePriorityChangeRequest, handlePropertyChangeRequest, handleRequest, handleRequests, handleResumeRequest, handleServerStateControllerRequest, handleSuspendRequest, handleTimerExpired, isNonCompeting, isServiceAvailable, isTimerActive, isTokenNonCompeting, postCheckServerStateRequest, postRequest, processEvent, processEvents, queueEvent, resetTimer, restart, resume, serviceAvailabilityCheckNeeded, setPriority, setProperty, setProperty, start, startTimer, stop, stopRequested, stopTimer, suspend, timerExpired, waitForServiceAvailability, waitServer

Methods inherited from class oracle.ifs.core.runtime.Server

acquireSession, constructLibrarySessionPool, createServerState, deregister, disconnectSession, getConfigurationOverridesTable, getConfigurationTable, getCredential, getDesiredStatus, getIfsHome, getInitialConfigurationTable, getName, getNode, getNodeName, getOracleHome, getParameterTable, getPriority, getProperties, getProperty, getServerConfigurationName, getServerState, getServerStateValue, getServerType, getServiceName, getSession, getStateTable, getStatus, getSystemUserCredential, handleServerConfigurationOverrideRequest, handleServerStateEvent, initialize, initialize, isAgent, isDisposed, isInitialized, isLogged, log, log, log, releaseSession, releaseSession, setDesiredStatus, setDesiredStatus, setSessionTimeoutPrevented, setStateProperty, setStatus, startStandalone, startStandalone, supportsPriority, supportsSuspendResume, toStatusLabel, toStatusLabel, toStatusLabel, verifyNotDisposed, verifyNotDisposed

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

m_IsSecurityImplicit

protected boolean m_IsSecurityImplicit

Controls whether connection is implicity secure(Implicit SSL) or is initiated by AUTH command.

(Unpublished)

m_SSLContext

protected SSLContext m_SSLContext

Constructor Detail

FtpsServer

public FtpsServer()
           throws Exception

Throws:

Exception

Method Detail

getServerName

public String getServerName()

Gets the FTPS server's name.

Overrides:

getServerName in class FtpServer

Returns:

the server's name.

(Unpublished)

getWalletLocationKey

public String getWalletLocationKey()

initialize

public void initialize()
                throws IfsException,
                       Exception

Initializes this Server.

This method is called when the Server is first loaded.

If this method throws an exception, loading of the Server is aborted.

Overrides:

initialize in class FtpServer

Throws:

Exception - if the operation fails

IfsException

(Published)

logStartupMsg

protected void logStartupMsg()
                      throws Exception

Overrides:

logStartupMsg in class FtpServer

Throws:

Exception

initializeSSLContext

protected void initializeSSLContext(String walletLocation,
                                    String walletPassword)
                             throws Exception

Throws:

Exception

getSSLContext

public SSLContext getSSLContext()

Returns the SSLContext

(Unpublished)

registerCommands

protected void registerCommands()
                         throws Exception

Description copied from class: FtpServer

Register the Commands that this Server invokes.

Overrides:

registerCommands in class FtpServer

Throws:

Exception

createChannel

protected FtpServerChannel createChannel(Socket commandSocket,
                                         String threadName,
                                         int channelSequence,
                                         boolean reachedMaximumConnections)
                                  throws Exception

Description copied from class: FtpServer

Create a channel.

Overrides:

createChannel in class FtpServer

Throws:

Exception

getServerSocketFactory

protected ServerSocketFactory getServerSocketFactory()

Description copied from class: FtpServer

Gets the server socket factory.

Overrides:

getServerSocketFactory in class FtpServer

hasImplicitSecurity

protected boolean hasImplicitSecurity()

main

public static void main(String[] args)
                 throws Exception

Throws:

Exception