... using Spring.
On 8 March 2013 10:59, John Hartnup <john.hart...@gmail.com> wrote: > You can create your own implementations of FtpFile, FilesystemView and > FilesystemFactory. You typically need all three - a FilesystemFactory > provides a way to create FilesystemViews, and a FilesystemView produces > FtpFiles. > > FtpServerFactory has a setFilesystem() method, so you can inject your > custom FilesystemFactory there. > > > On 8 March 2013 10:39, Vincent Pazeller <vincentpazel...@gmail.com> wrote: > >> Hi, thank you for the answer. >> >> Is there any example of implementing a custom file system (I have seen >> FtpFile Interface)? Do I need to modify the source directly? Is there a >> way >> to hook my own custom filesystem class by configuration (e.g. like >> FtpLets)? (I don't like modifying sources, it breaks updates). >> >> Otherwise, I have seen that we have full access to User password! Great. I >> wonder why no-one has done something like this already? No-one care for >> transparent secure data storage? >> >> Best Regards >> >> On Wed, Mar 6, 2013 at 8:26 PM, Niklas Gustavsson <nik...@protocol7.com >> >wrote: >> >> > On Wed, Mar 6, 2013 at 6:59 PM, Vincent Pazeller >> > <vincentpazel...@gmail.com> wrote: >> > > I am new to FtpServer and I am planning tu use it. Before, I would >> like >> > to >> > > know if anyone could confirm it will suit my needs... Basically, I >> would >> > > like to ensure secure storage on the server by transparently >> encrypting a >> > > file as soon it is uploaded and decrypting a file as soon it is >> > downloaded. >> > > Has anyone any experience with this? >> > > >> > > My feeling is that Ftplets would allow to do this. Here is what I >> would >> > > like to do: >> > > >> > > For uploads: create a onUploadEnd Ftplet and use a symmetric >> encryption >> > > algorithm (or PGP) to encrypt the uploaded file automatically >> > > To ensure this is feasible, I would need (I think): >> > > >> > > 1) Possibility to obtain the user plain password or a session key >> noone >> > can >> > > obtain and is constant per user (so I can use something like >> > SHA2(password >> > > + salt) as the key) >> > > 2) Possibility to easily access the uploaded file's data (to change >> the >> > > content). Ideally before it is even written to disk (So that the plain >> > file >> > > is never actually stored on the disk before being encrypted) >> > > >> > > For downloads: create a onDownloadStart Ftplet and use a symmetric >> > > encryption algorithm to decrypt the file automatically before the >> > download >> > > To ensure this is feasable, I would need (I think): >> > > >> > > 1) Possibility to obtain the user plain password/session key (so I can >> > use >> > > something like SHA2(password + salt) as the key) >> > > 2) Possibility to change the data before file is downloaded. The best >> > would >> > > be to be able to access the file, decrypt it and send the decrypted >> > data... >> > > >> > > Has anyone any idea on the feasibility of this? >> > > >> > > The crypto-system will be more complicated than this of course (this >> one >> > > only allows one user to access the data), but if this one is feasable, >> > > there is no limit to use something like PGP to allow multi-user access >> > > >> > > I would appreciate any advise from people knowing FtpServer deeper >> than >> > me >> > > and more precisely on what we can do with FtpLets or if there is a >> much >> > > simpler solution to my needs, of course :) >> > >> > I would recommend you to have a look at implementing this using a >> > custom file system instead of as an Ftplet. Doing so will be a more >> > natural way to intercept files as they are needed. In particular, look >> > at FtpFile.createOutputStream() and FtpFile.createInputStream(). >> > >> > /niklas >> > >> > > > > -- > "There is no way to peace; peace is the way" > -- "There is no way to peace; peace is the way"
