This subsection describes business process access control and management of FTP commands executed before and after transfer as the FTP reception functionality.

By setting up users that are allowed or prohibited access to the business processes, the FTP reception can control the access to the business processes for each user.

You can specify the business process access control settings in the FTP execution permission list definition file. Based on the settings in the FTP execution permission list definition file, the FTP reception decides whether to allow business process access to the users who are accessing the business process from an FTP client. The FTP reception invokes the business process only when the access is allowed, and returns an error without invoking the business process when the access is denied.

The following figure shows the procedure of business process access control:

Figure 8-13 Procedure of business process access control

In this figure, a business process is invoked for the request from user A who is allowed access in the FTP execution permission list definition file, but an error is returned without invoking a business process for the request from user B who is denied access in the FTP execution permission list definition file.

The following table describes the contents set up in the FTP execution permission list definition file:

Table 8-4 Contents set up in the FTP execution permission list definition file

Content	Specification method	Default value
Users who are allowed to access the associated business processes by the FTP reception	Specify the user name in the urecp-ftp.permission.allow property. To specify multiple users, separate the user names with a comma (,). If you specify an asterisk (*), access is allowed to all the users.	*
Users who are denied to access the associated business processes by the FTP reception	Specify the user name in the urecp-ftp.permission.deny property. To specify multiple users, separate the user names with a comma (,).	None

Note

If the same users are specified in both, the settings that deny access have a higher priority.

Note that you can store the FTP execution permission list definition file in any folder with any file name, but you must specify the absolute path of the FTP execution permission list definition file in the FTP reception configuration file. If the absolute path of the FTP execution permission list definition file is not specified in the FTP reception configuration file, all the users are allowed to access the business process.

Furthermore, if the contents of the FTP execution permission list definition file are changed, you must restart the FTP reception that is using the changed FTP permission list definition file.

For details, see "FTP execution permission list definition file " or "FTP reception configuration file " in "Service Platform Reference Guide".