use of org.alfresco.jlan.ftp.FTPAuthenticator in project alfresco-repository by Alfresco.
the class ServerConfigurationBean method processFTPServerConfig.
/**
* Process the FTP server configuration
*/
protected void processFTPServerConfig() {
if (ftpConfigBean == null) {
removeConfigSection(FTPConfigSection.SectionName);
return;
}
if (!ftpConfigBean.getServerEnabled()) {
removeConfigSection(FTPConfigSection.SectionName);
return;
}
// Create the FTP configuration section
FTPConfigSection ftpConfig = new FTPConfigSection(this);
try {
// Check for a bind address
String bindText = ftpConfigBean.getBindTo();
if (bindText != null && bindText.length() > 0 && !bindText.equals(BIND_TO_IGNORE)) {
try {
// Check the bind address
InetAddress bindAddr = InetAddress.getByName(bindText);
// Set the bind address for the FTP server
ftpConfig.setFTPBindAddress(bindAddr);
} catch (UnknownHostException ex) {
throw new AlfrescoRuntimeException("Unable to find FTP bindto address, " + bindText, ex);
}
}
// Check for an FTP server port
Integer port = ftpConfigBean.getPort();
if (port != null) {
ftpConfig.setFTPPort(port);
if (ftpConfig.getFTPPort() <= 0 || ftpConfig.getFTPPort() >= 65535)
throw new AlfrescoRuntimeException("FTP server port out of valid range");
} else {
// Use the default FTP port
ftpConfig.setFTPPort(DefaultFTPServerPort);
}
// Check for an FTP server timeout for connection to client
Integer sessionTimeout = ftpConfigBean.getSessionTimeout();
if (sessionTimeout != null) {
ftpConfig.setFTPSrvSessionTimeout(sessionTimeout);
if (ftpConfig.getFTPSrvSessionTimeout() < 0)
throw new AlfrescoRuntimeException("FTP server session timeout must have positive value or zero");
} else {
// Use the default timeout
ftpConfig.setFTPSrvSessionTimeout(DefaultFTPSrvSessionTimeout);
}
if (ftpConfigBean.getAllowAnonymous()) {
// Enable anonymous login to the FTP server
ftpConfig.setAllowAnonymousFTP(true);
// Check if an anonymous account has been specified
String anonAcc = ftpConfigBean.getAnonymousAccount();
if (anonAcc != null && anonAcc.length() > 0) {
// Set the anonymous account name
ftpConfig.setAnonymousFTPAccount(anonAcc);
if (ftpConfig.getAnonymousFTPAccount() == null || ftpConfig.getAnonymousFTPAccount().length() == 0) {
throw new AlfrescoRuntimeException("Anonymous FTP account invalid");
}
} else {
// Use the default anonymous account name
ftpConfig.setAnonymousFTPAccount(DefaultFTPAnonymousAccount);
}
} else {
// Disable anonymous logins
ftpConfig.setAllowAnonymousFTP(false);
}
// Check if a root path has been specified
String rootPath = ftpConfigBean.getRootDirectory();
if (rootPath != null && rootPath.length() > 0) {
try {
// Parse the path
new FTPPath(rootPath);
// Set the root path
ftpConfig.setFTPRootPath(rootPath);
} catch (InvalidPathException ex) {
throw new AlfrescoRuntimeException("Invalid FTP root directory, " + rootPath);
}
}
// Check for FTP debug flags
String flags = ftpConfigBean.getDebugFlags();
int ftpDbg = 0;
if (flags != null) {
// Parse the flags
flags = flags.toUpperCase();
StringTokenizer token = new StringTokenizer(flags, ",");
while (token.hasMoreTokens()) {
// Get the current debug flag token
String dbg = token.nextToken().trim();
// Find the debug flag name
int idx = 0;
while (idx < m_ftpDebugStr.length && m_ftpDebugStr[idx].equalsIgnoreCase(dbg) == false) idx++;
if (idx >= m_ftpDebugStr.length)
throw new AlfrescoRuntimeException("Invalid FTP debug flag, " + dbg);
// Set the debug flag
ftpDbg += 1 << idx;
}
// Set the FTP debug flags
ftpConfig.setFTPDebug(ftpDbg);
}
// Check if a character set has been specified
String charSet = ftpConfigBean.getCharSet();
if (charSet != null && charSet.length() > 0) {
try {
// Validate the character set name
Charset.forName(charSet);
// Set the FTP character set
ftpConfig.setFTPCharacterSet(charSet);
} catch (IllegalCharsetNameException ex) {
throw new AlfrescoRuntimeException("FTP Illegal character set name, " + charSet);
} catch (UnsupportedCharsetException ex) {
throw new AlfrescoRuntimeException("FTP Unsupported character set name, " + charSet);
}
}
// Check if an authenticator has been specified
FTPAuthenticator auth = ftpConfigBean.getAuthenticator();
if (auth != null) {
// Initialize and set the authenticator class
ftpConfig.setAuthenticator(auth);
} else
throw new AlfrescoRuntimeException("FTP authenticator not specified");
if (ftpConfigBean.getDataPortFrom() != 0 && ftpConfigBean.getDataPortTo() != 0) {
// Range check the data port values
int rangeFrom = ftpConfigBean.getDataPortFrom();
int rangeTo = ftpConfigBean.getDataPortTo();
if (rangeFrom != 0 && rangeTo != 0) {
if (rangeFrom < 1024 || rangeFrom > 65535)
throw new InvalidConfigurationException("Invalid FTP data port range from value, " + rangeFrom);
if (rangeTo < 1024 || rangeTo > 65535)
throw new InvalidConfigurationException("Invalid FTP data port range to value, " + rangeTo);
if (rangeFrom >= rangeTo)
throw new InvalidConfigurationException("Invalid FTP data port range, " + rangeFrom + "-" + rangeTo);
// Set the FTP data port range
ftpConfig.setFTPDataPortLow(rangeFrom);
ftpConfig.setFTPDataPortHigh(rangeTo);
// Log the data port range
logger.info("FTP server data ports restricted to range " + rangeFrom + ":" + rangeTo);
}
}
// Check for an external address
String ExtAddr = ftpConfigBean.getExternalAddress();
if (ExtAddr != null && ExtAddr.length() > 0) {
ftpConfig.setFTPExternalAddress(ExtAddr);
}
if (ftpConfigBean.getKeyStorePath() != null && ftpConfigBean.getKeyStorePath().length() > 0) {
// Get the path to the key store, check that the file exists
String keyStorePath = ftpConfigBean.getKeyStorePath();
File keyStoreFile = new File(keyStorePath);
if (keyStoreFile.exists() == false)
throw new InvalidConfigurationException("FTPS key store file does not exist, " + keyStorePath);
else if (keyStoreFile.isDirectory())
throw new InvalidConfigurationException("FTPS key store path is a directory, " + keyStorePath);
// Set the key store path
ftpConfig.setKeyStorePath(keyStorePath);
if (ftpConfigBean.getKeyStoreType() != null && ftpConfigBean.getKeyStoreType().length() > 0) {
// Get the key store type, and validate
String keyStoreType = ftpConfigBean.getKeyStoreType();
if (keyStoreType == null || keyStoreType.length() == 0)
throw new InvalidConfigurationException("FTPS key store type is invalid");
try {
KeyStore.getInstance(keyStoreType);
} catch (KeyStoreException ex) {
throw new InvalidConfigurationException("FTPS key store type is invalid, " + keyStoreType, ex);
}
// Set the key store type
ftpConfig.setKeyStoreType(keyStoreType);
}
if (ftpConfigBean.getKeyStorePassphrase() != null && ftpConfigBean.getKeyStorePassphrase().length() > 0) {
// Set the key store passphrase
ftpConfig.setKeyStorePassphrase(ftpConfigBean.getKeyStorePassphrase());
}
}
if (ftpConfigBean.getTrustStorePath() != null && ftpConfigBean.getTrustStorePath().length() > 0) {
// Get the path to the trust store, check that the file exists
String trustStorePath = ftpConfigBean.getTrustStorePath();
File trustStoreFile = new File(trustStorePath);
if (trustStoreFile.exists() == false)
throw new InvalidConfigurationException("FTPS trust store file does not exist, " + trustStorePath);
else if (trustStoreFile.isDirectory())
throw new InvalidConfigurationException("FTPS trust store path is a directory, " + trustStorePath);
// Set the trust store path
ftpConfig.setTrustStorePath(trustStorePath);
if (ftpConfigBean.getTrustStoreType() != null && ftpConfigBean.getTrustStoreType().length() > 0) {
// Get the trust store type, and validate
String trustStoreType = ftpConfigBean.getTrustStoreType();
if (trustStoreType == null || trustStoreType.length() == 0)
throw new InvalidConfigurationException("FTPS trust store type is invalid");
try {
KeyStore.getInstance(trustStoreType);
} catch (KeyStoreException ex) {
throw new InvalidConfigurationException("FTPS trust store type is invalid, " + trustStoreType, ex);
}
// Set the trust store type
ftpConfig.setTrustStoreType(trustStoreType);
}
if (ftpConfigBean.getTrustStorePassphrase() != null && ftpConfigBean.getTrustStorePassphrase().length() > 0) {
// Set the trust store passphrase
ftpConfig.setTrustStorePassphrase(ftpConfigBean.getTrustStorePassphrase());
}
}
if (ftpConfigBean.hasRequireSecureSession()) {
// Only allow secure sessions to logon to the FTP server
ftpConfig.setRequireSecureSession(true);
}
// MNT-7301 FTPS server requires unnecessarly to have a trustStore while a keyStore should be sufficient
if (ftpConfig.getKeyStorePath() != null) {
if (ftpConfig.getKeyStorePath() == null)
throw new InvalidConfigurationException("FTPS configuration requires keyStore to be set");
}
if (ftpConfigBean.hasSslEngineDebug()) {
// Enable SSLEngine debug output
System.setProperty("javax.net.debug", "ssl,handshake");
}
} catch (InvalidConfigurationException ex) {
throw new AlfrescoRuntimeException(ex.getMessage());
}
}
Aggregations