You can create your own implementations of FtpFile, FilesystemView and FilesystemFactory. You typically need all three - a FilesystemFactory provides a way to create FilesystemViews, and a FilesystemView produces FtpFiles.
FtpServerFactory has a setFilesystem() method, so you can inject your custom FilesystemFactory there. On 8 March 2013 10:39, Vincent Pazeller <vincentpazel...@gmail.com> wrote: > Hi, thank you for the answer. > > Is there any example of implementing a custom file system (I have seen > FtpFile Interface)? Do I need to modify the source directly? Is there a way > to hook my own custom filesystem class by configuration (e.g. like > FtpLets)? (I don't like modifying sources, it breaks updates). > > Otherwise, I have seen that we have full access to User password! Great. I > wonder why no-one has done something like this already? No-one care for > transparent secure data storage? > > Best Regards > > On Wed, Mar 6, 2013 at 8:26 PM, Niklas Gustavsson <nik...@protocol7.com > >wrote: > > > On Wed, Mar 6, 2013 at 6:59 PM, Vincent Pazeller > > <vincentpazel...@gmail.com> wrote: > > > I am new to FtpServer and I am planning tu use it. Before, I would like > > to > > > know if anyone could confirm it will suit my needs... Basically, I > would > > > like to ensure secure storage on the server by transparently > encrypting a > > > file as soon it is uploaded and decrypting a file as soon it is > > downloaded. > > > Has anyone any experience with this? > > > > > > My feeling is that Ftplets would allow to do this. Here is what I would > > > like to do: > > > > > > For uploads: create a onUploadEnd Ftplet and use a symmetric encryption > > > algorithm (or PGP) to encrypt the uploaded file automatically > > > To ensure this is feasible, I would need (I think): > > > > > > 1) Possibility to obtain the user plain password or a session key noone > > can > > > obtain and is constant per user (so I can use something like > > SHA2(password > > > + salt) as the key) > > > 2) Possibility to easily access the uploaded file's data (to change the > > > content). Ideally before it is even written to disk (So that the plain > > file > > > is never actually stored on the disk before being encrypted) > > > > > > For downloads: create a onDownloadStart Ftplet and use a symmetric > > > encryption algorithm to decrypt the file automatically before the > > download > > > To ensure this is feasable, I would need (I think): > > > > > > 1) Possibility to obtain the user plain password/session key (so I can > > use > > > something like SHA2(password + salt) as the key) > > > 2) Possibility to change the data before file is downloaded. The best > > would > > > be to be able to access the file, decrypt it and send the decrypted > > data... > > > > > > Has anyone any idea on the feasibility of this? > > > > > > The crypto-system will be more complicated than this of course (this > one > > > only allows one user to access the data), but if this one is feasable, > > > there is no limit to use something like PGP to allow multi-user access > > > > > > I would appreciate any advise from people knowing FtpServer deeper than > > me > > > and more precisely on what we can do with FtpLets or if there is a much > > > simpler solution to my needs, of course :) > > > > I would recommend you to have a look at implementing this using a > > custom file system instead of as an Ftplet. Doing so will be a more > > natural way to intercept files as they are needed. In particular, look > > at FtpFile.createOutputStream() and FtpFile.createInputStream(). > > > > /niklas > > > -- "There is no way to peace; peace is the way"
