I use this in an ftplet -- much the same approach as David's but actually
tested!
Notes:
- consultArbiter() checks the client certificate against some criteria. You can omit this, or roll your own.
- I have my own logger. You can remove those lines, or replace them with calls to your preferred logging mechanism.
- I choose to end the session. David chose to send a message and leave the user not-logged-in. Your choice.
import java.io.IOException;

import org.apache.ftpserver.ftplet.DefaultFtpReply;
import org.apache.ftpserver.ftplet.FtpException;
import org.apache.ftpserver.ftplet.FtpReply;
import org.apache.ftpserver.ftplet.FtpRequest;
import org.apache.ftpserver.ftplet.FtpSession;
import org.apache.ftpserver.ftplet.FtpletResult;

// denyUnsecureSessions (configuration flag), log (my own logger) and
// consultArbiter() (client certificate check) are defined elsewhere in the ftplet.

/**
 * Following a login, decide whether to allow it to stand,
 * based on our configuration and SSL status, client certificate, etc.
 */
public FtpletResult onLogin(FtpSession session, FtpRequest request)
        throws FtpException, IOException {
    if (!session.isLoggedIn()) {
        // login did not succeed; nothing to do
        return FtpletResult.SKIP;
    }
    if (session.isSecure()) {
        // control channel is under TLS: apply the client certificate policy
        return consultArbiter(session);
    } else {
        return handleUnsecureConnection(session);
    }
}

/**
 * Deal with an unsecure connection -- if configured to do so,
 * we reject it with an error message. Otherwise we silently continue.
 * @param session the session whose login just succeeded over a plaintext control channel
 * @return DISCONNECT when unsecured sessions are denied, DEFAULT otherwise
 * @throws FtpException
 */
private FtpletResult handleUnsecureConnection(FtpSession session)
        throws FtpException {
    if (denyUnsecureSessions) {
        log.comment("FTPS", "Login attempt on unsecured connection");
        // 530 tells the client why; DISCONNECT then has the container close the session
        session.write(new DefaultFtpReply(FtpReply.REPLY_530_NOT_LOGGED_IN,
                "Cannot login on unsecured connection"));
        return FtpletResult.DISCONNECT;
    } else {
        return FtpletResult.DEFAULT;
    }
}
On 1 October 2011 09:52, Kaloyan Enimanev <[email protected]> wrote:
> Hi,
>
> thanks a lot for your replies.
>
> David, I will give your proposal a try.
>
> have a nice weekend,
> Kaloyan
>
> On Sat, Oct 1, 2011 at 10:22 AM, David Latorre <[email protected]> wrote:
>
> > I don't have access to my working code right now, nor have I tested this,
> > but you should basically do something like this:
> >
> > public FtpletResult beforeCommand(FtpSession session, FtpRequest request)
> >         throws FtpException, IOException {
> >
> >     String cmd = request.getCommand().toUpperCase();
> >     if ("USER".equals(cmd)) {
> >         if (!session.isSecure()) {
> >             session.write(new DefaultFtpReply(500, "Control channel is"
> >                     + " not secure. Please, issue AUTH command first."));
> >             return FtpletResult.SKIP;
> >         }
> >     }
> >     // every other command is processed by the server as usual
> >     return FtpletResult.DEFAULT;
> > }
> >
> > If your client ignored the "5xx" error and still issued the PASS command
> > (in plaintext), you should return FtpletResult.DISCONNECT in this method
> > so they don't get a chance to 'leak' the password.
> >
> > 2011/10/1 Niklas Gustavsson <[email protected]>
> >
> > > On Fri, Sep 30, 2011 at 1:51 PM, Kaloyan Enimanev <[email protected]> wrote:
> > > > My question is: Can we protect the passwords of our users with
> > > > Explicit FTPS? Perhaps by closing the connection if the first
> > > > command coming from the client is *not* AUTH? Do you know of
> > > > any better options to avoid plain-text passwords being sent?
> > > >
> > > > If there is no existing solution, what needs to be done to implement one?
> > >
> > > FtpServer does not support this out of the box, but I know people have
> > > implemented the same thing using Ftplets. Perhaps someone is around
> > > here who can help you out with some existing code.
> > >
> > > /niklas
> > >
> >
>
--
"There is no way to peace; peace is the way"
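Putting David's beforeCommand approach and his DISCONNECT-on-PASS point together, here is an added example (my own illustration, not code from anyone in the thread or from FtpServer itself): an ftplet that refuses USER and PASS until AUTH TLS has been negotiated. The class name, the denyUnsecureSessions constructor flag and the reply texts are assumptions.

```java
import java.io.IOException;

import org.apache.ftpserver.ftplet.DefaultFtpReply;
import org.apache.ftpserver.ftplet.DefaultFtplet;
import org.apache.ftpserver.ftplet.FtpException;
import org.apache.ftpserver.ftplet.FtpReply;
import org.apache.ftpserver.ftplet.FtpRequest;
import org.apache.ftpserver.ftplet.FtpSession;
import org.apache.ftpserver.ftplet.FtpletResult;

/**
 * Refuses credentials on a control channel that has not been upgraded with
 * AUTH TLS. USER in the clear gets a 530 so a well-behaved client can retry
 * after AUTH; PASS in the clear drops the connection, since the password is
 * already on the wire and the server must not act on it.
 */
public class RequireAuthTlsFtplet extends DefaultFtplet {

    // Assumed configuration knob, named after the denyUnsecureSessions flag in the thread.
    private final boolean denyUnsecureSessions;

    public RequireAuthTlsFtplet(boolean denyUnsecureSessions) {
        this.denyUnsecureSessions = denyUnsecureSessions;
    }

    @Override
    public FtpletResult beforeCommand(FtpSession session, FtpRequest request)
            throws FtpException, IOException {
        if (!denyUnsecureSessions || session.isSecure()) {
            // policy off, or TLS already negotiated: let the server handle the command
            return FtpletResult.DEFAULT;
        }
        String cmd = request.getCommand().toUpperCase();
        if ("USER".equals(cmd)) {
            // No secret sent yet: refuse, but keep the session so the client can issue AUTH TLS.
            session.write(new DefaultFtpReply(FtpReply.REPLY_530_NOT_LOGGED_IN,
                    "Control channel is not secure; issue AUTH TLS first"));
            return FtpletResult.SKIP;
        }
        if ("PASS".equals(cmd)) {
            // The client ignored the 530 and sent a password in plaintext: never evaluate it.
            session.write(new DefaultFtpReply(FtpReply.REPLY_530_NOT_LOGGED_IN,
                    "Password sent over unsecured connection; disconnecting"));
            return FtpletResult.DISCONNECT;
        }
        // AUTH, FEAT, PBSZ, PROT, QUIT and the like are fine before TLS is up.
        return FtpletResult.DEFAULT;
    }
}
```

Register it like any other ftplet in the FtpServer configuration; with the flag set to false it becomes a no-op, which makes it easy to roll out per listener.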