Thanks! Comments inline.
Tony Zhou wrote:
Hi,
An update patch is made for the feature of the max login number
and max login number per ip. The modified files contain: User.java,
PropertiesUserManager.java, BaseUser.java, DbUserManager.java,
FtpConfigImpl.java , USER.java, UserManagerPanel.java,
FtpStatistics.java, FtpStatisticsImpl.java (maybe missing some one
attached) From the initial test, it seems ok for the server's behavior.
The LDAP serialization file was not modified due to limited knowledge.
The basic working procedure is that: the FtpStatisticsImpl updates
the user's login info in a hashtable. When the USER command is received,
the login is checked against the FtpStatisticsImpl to make sure the
policy is forced. Since the login activity happens in a low frequency,
the computing and space overhead of this hashtable and check is probably
durable.
One question here, shouldn't the check for max connections per IP be
independent on the user ID? I'm thinking of this limit as a measure for
inhibiting users trying to get around the max conns per user limit by
using multiple user names. In the current shape, what would be the use
case for the limit?
I am not sure how to commit files, therefore, they are attached here.
I think the best option is to attach them to the JIRA issue, since that
takes care of the IP rights (as it specifically asks you for the rights).
I'll have a closer look at the patch later tonight, maybe I'll have some
more questions/comments then. Rana/Sergey, any comments?
/niklas
