The problem happens when you use CFFTP tag in a sandboxed account. As you
may know CFFTP uses PORT by default (the "passive" attribute is "no" by
default). So far so good except for the fact that CFMX is not dealing the
connection and it's returning a java.net.SocketPermission error that
follows:
Security: The requested template has been denied access to localhost:1024-.
The following is the internal exception message: access denied
(java.net.SocketPermission localhost:1024- listen,resolve).
Some could ask to add 1024 (and higher) TCP port in the "Server/Port"
settings but it doesn't change anything (not to mention that 1024 port is
not used in PORT mode(?)). I've added all possible weirdness as TCP ports
(20, 21, various ranges etc, etc) with no sucess. The tag (in it's defaults)
doesn't work under a default sandbox context (with all IP/Ports open and
availble for connection).
The only workaround for it is to use passive mode (passive="yes") and (if
you're restricting access to "Server/Ports") add the FTP host wide opened
(leaving the "port" field blank) or add two entries (1) ftp.somehost.com:21
and (2) ftp.somehost.com:1024- (1024 and higher).
To exemplify:
1) http://www.alexhubner.com/ftp_port/ (using the default port mode)
2) http://www.alexhubner.com/ftp_pasv/ (using pasv mode)
And if my FTP server (or even the firewall ahead of it) doesn't allow me to
use PASV mode? Does anybody faced a similar issue? I've googled around and
didn't found any mention to it.
Many thanks!
Alex Hübner
PS: the cfml template I'm using in the examples above is here:
http://www.alexhubner.com/ftp_pasv/index.zip and a screenshot of my
"server/ports" config in the sandbox is here:
http://www.alexhubner.com/ftp_pasv/pic.gif
--
Alex Hübner
[EMAIL PROTECTED]
http://www.cfgigolo.com
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
