6.8.6 FTP execution authorization list definition file

Organization of this subsection

(1) Format
(2) Function
(3) Specifiable properties
(4) Example of coding

(1) Format

[urecp-ftp.permission.allow=user-name-with-execution-permission]
[urecp-ftp.permission.deny=user-name-without-execution-permission]

To Page Top

(2) Function

Specifies the users who will be allowed or not allowed to execute the business processes associated with an FTP reception.

You can create an FTP execution authorization list definition file based on the template file.

To create an FTP execution authorization list definition file:

Define the FTP execution authorization list definition file based on the following template file:

service-platform-installation-directory\CSC\config\ftprecp\templates\ftp_permission_allow.properties

Store the edited FTP execution authorization list definition file in the following directory:
```
service-platform-installation-directory\CSC\config\ftprecp\common
```
Do not change the file name.
Reference note
If you specify the following property, you can store the FTP execution authorization list definition file in any path and with any file name:
- urecp-ftp.permission-def.filepath property of the FTP reception configuration file
If you omit this property, the FTP execution authorization list definition file stored in the directory indicated in step 2 is used. If this directory does not contain the FTP execution authorization list definition file, the execution of all the FTP commands is not permitted.

To Page Top

(3) Specifiable properties

urecp-ftp.permission.allow=user-name-with-execution-permission ~ <Character strings or one-byte asterisks (*)> <<*>>

Specifies the name of the user who will be allowed to execute the business processes associated with an FTP reception.

To specify multiple users, specify user-name, user-name, ..., by using one-byte commas (,) as delimiters. The one-byte spaces and tab characters before and after the one-byte commas are ignored.

The empty user names (user names with length 0) are also ignored. If you specify the user names as follows, null will be ignored and the FTP reception will start successfully:

urecp-ftp.permission.allow = user-name-1,
urecp-ftp.permission.allow = user-name-1, Δ
urecp-ftp.permission.allow = user-name-1, Δ,user-name-2
urecp-ftp.permission.allow = user-name-1,,,,,,,,,,user-name-2
urecp-ftp.permission.allow = ,tab-character user-name-1 tab-character,tab-character tab-character

Legend:

Δ: Indicates a one-byte space.

If you specify one-byte asterisks (*) only, all the users are allowed to execute the business processes. Note that to specify a user name in the following format, enclose the user name within tab characters:

User names containing one-byte commas (,)
User names with one-byte spaces at the beginning or at the end
User names containing one one-byte asterisks (*)

If you omit this property, a one-byte asterisk (*) is specified.

Important note: The users specified in the urecp-ftp.permission.deny property (name of the user who does not have the execution permission) are not allowed to execute the business processes associated with an FTP reception.

urecp-ftp.permission.deny= user-name-without-execution-permission <Character strings or one-byte asterisks (*)>

Specifies the name of the user who will not be allowed to execute the business processes associated with an FTP reception.

To specify multiple users, specify user-name, user-name, ..., by using one-byte commas (,) as delimiters. The one-byte spaces and tab characters before and after the one-byte commas are ignored.

The empty user names (user names with length 0) are also ignored. If you specify the user names as follows, null will be ignored and the FTP reception will start successfully:

urecp-ftp.permission.deny = user-name-1,
urecp-ftp.permission.deny = user-name-1, Δ
urecp-ftp.permission.deny = user-name-1, Δ,user-name-2
urecp-ftp.permission.deny = user-name-1,,,,,,,,,,user-name-2
urecp-ftp.permission.deny = ,tab-character user-name-1 tab-character,tab-character tab-character

Legend:

Δ: Indicates a one-byte space.

Note that to specify a user name in the following format, enclose the user name within tab characters:

User names containing one-byte commas (,)
User names with one-byte spaces at the beginning or at the end

Important note: The users specified in this property are not allowed to execute the business processes associated with an FTP reception even if the user name or a one-byte asterisk (*) is specified in the urecp-ftp.permission.allow property (name of the user who has the execution permission).

To Page Top

(4) Example of coding

An example of coding is as follows:

To allow all the users (default )
```
urecp-ftp.permission.allow=*
```

Note that all the users are allowed even if the urecp-ftp.permission-def.filepath property (path of the FTP execution authorization list definition file) is not specified in the FTP reception configuration file.

To allow the user names root and admin only
```
urecp-ftp.permission.allow=root,admin
```
To allow the users other than the user names guest1 and guest2
- If the urecp-ftp.permission.allow property (name of the user who has the execution permission) is specified
```
urecp-ftp.permission.allow=*
urecp-ftp.permission.deny=guest1,guest2
```
- If the urecp-ftp.permission.allow property is omitted
```
urecp-ftp.permission.deny=guest1,guest2
```

To Page Top