6.8.5 FTP command authorization list definition file
- Organization of this subsection
(1) Format
[ftp-command.allow=FTP-command-that-can-be-executed] [ftp-command.site.allow=Commands-that-can-be-executed-with-SITE-command]
(2) Function
Specifies the FTP commands that can be executed before and after the transmission and before and after the execution of list commands.
The FTP command authorization list definition file includes two types of files, the file for FTP adapters and the file for FTP receptions.
The contents specified in the FTP command authorization list definition file become valid when an FTP reception or FTP adapter starts.
You can create an FTP command authorization list definition file based on the template file.
How to create an FTP command authorization list definition file (for FTP reception)
To create an FTP command authorization list definition file (for FTP reception):
-
Define the FTP command authorization list definition file (for FTP reception) based on the following template file:
service-platform-installation-directory\CSC\config\ftprecp\templates\ftp_command_allow.properties
-
Store the edited FTP command authorization list definition file (for FTP reception) in the following directory:
service-platform-installation-directory\CSC\config\ftprecp\common
Do not change the file name.
- Reference note
-
If you specify the following property, you can store the FTP command authorization list definition file (for FTP receptions) in any path and with any file name:
-
urecp-ftp.ftp-command-allow.filepath property of the FTP reception configuration file
If you omit this property, the FTP command authorization list definition file stored in the directory indicated in step 2 is used. If this directory does not contain the FTP command authorization list definition file, the execution of all the FTP commands is not permitted.
-
How to create an FTP command authorization list definition file (for FTP adapters)
To create an FTP command authorization list definition file (for FTP adapters):
-
Define the FTP command authorization list definition file (for FTP adapters) based on the following template file:
service-platform-installation-directory\CSC\custom-adapter\FTP\config\templates\cscthrough.properties
-
Store the edited FTP command authorization list definition file (for FTP adapters) in the following directory:
service-platform-installation-directory\CSC\custom-adapter\FTP\config\common
Do not change the file name.
- Reference note
-
If you specify the following property, you can store the FTP command authorization list definition file (for FTP adapters) with any file name and in any path:
-
ftpadp.cscthrough-filepath property of the FTP-adapter runtime-environment property file
If you omit this property, the FTP command authorization list definition file stored in the directory indicated in step 2 is used. If this directory does not contain the FTP command authorization list definition file, the execution of all the FTP commands is not permitted.
-
(3) Specifiable properties
ftp-command.allow=FTP-command-that-can-be-executed ~ <Character strings or one-byte asterisks (*)>
Specifies the FTP commands that can be executed for the business processes before or after the transmission. The characters are not case sensitive.
If you omit this property, the execution of all the FTP commands, except the SITE command, will not be permitted.
- Important note
-
-
The settings for this property are applied only to the FTP reception or the FTP adapter in which the path of this definition file is specified in the FTP reception configuration file or FTP-adapter runtime-environment property file.
-
The ftp-command.site.allow property specifies whether the commands set as arguments of the SITE command can be executed. Therefore, you need not specify the SITE command in this property.
-
To specify multiple commands, specify command, command, ..., by using commas (,) as delimiters. The one-byte spaces and tab characters before and after the commas are ignored.
-
If you specify one-byte asterisks (*) only, all the FTP commands, except the SITE command supported by the service platform, can be executed.
-
The commands STOR, APPE, STOU, RETR, LIST, and NLST are not supported by the service platform. Therefore, even if you specify these commands, they cannot be executed. Similarly, even if you specify one-byte asterisks (*), the commands cannot be executed.
-
ftp-command.site.allow=Commands-that-can-be-executed-with-SITE-command ~ <Character strings or one-byte asterisks (*)>
Specifies the commands that are uniquely supported by the FTP server and that can be executed for the business processes before or after the transmission. The command specified as the first argument of the SITE command becomes the target of this property. The characters are not case sensitive.
If you omit this property, none of the SITE commands can be executed.
- Important note
-
-
The settings for this property are applied only to the FTP reception or the FTP adapter in which the path of this definition file is specified in the FTP reception configuration file or FTP-adapter runtime-environment property file.
-
The SITE FSIZE command is processed with the FTP inbound adapter. Therefore, even if you specify FSIZE in the value of this property, the value is ignored.
-
To specify multiple commands, specify command, command, ..., by using commas (,) as delimiters. The one-byte spaces and tab characters before and after the commas are ignored.
-
If you specify one-byte asterisks (*) only, all the SITE commands, except FSIZE, can be executed.
-
(4) Example of coding
An example of coding is as follows:
ftp-command.allow=STAT, RNFR, RNTO, DELE, RMD ftp-command.site.allow=CHMOD, UMASK
The details for the example of coding are as follows:
-
Permitted FTP commands (except the SITE command): Commands STAT, RNFR, RNTO, DELE, and RMD
-
Permitted SITE commands: Commands CHMOD and UMASK