I like the idea, and I think FTP is probably the way to go given Microsofts propensity to break WebDAV.
But by default GeoServer ships with a small security problem in the sense that the admin password is universally known. I prefer Tomcat's approach in which no account enabled by default, but this has not been a big issue up to this point. But if we include an FTP server then GeoServer suddenly becomes a valuable target for people who want to distribute illegal materials. I therefore suggest that it should not be possible to login with the standard credentials, and if possible tell the FTP client the reason for the rejection in the Access Denied response. Moving the service to a different port does not really help in this regard, it's easy to run SYN scans against large networks, and a custom port makes it easier to identify the software and possible credentials to try. -Arne On 05/31/2010 06:04 PM, Andrea Aime wrote: > Hi, > I need an easy to set up FTP server for GeoServer > so that remote admins can upload data. > > Alessio some time ago pointed me at Apache Mina FtpServer, > and this tutorial shows how to create an embedded FTP > server the easy way: > http://mina.apache.org/ftpserver/embedding-ftpserver-in-5-minutes.html > > GeoSolutions actually added that into GeoBatch already. > Alessio, Simone, is it working fine for you? > > I guess this would be a contribution of general interest. > Yes, setting up a stand alone FTP server for the same purpose > is not hard, but requires deciding which one you want to use > platform per platform, configuring it, creating the necessary > users (a separate set from GeoServer own users), and making > sure the files created by the server can be read > (and eventually written) by GeoServer. > > The idea of the embedded module is that you drop it in and > it just start serving the data directory contents to all > the GS users that have administration powers (since you need > to be able to configure the data afterwards anyways). > Basically a no options easy install that gets you going > in 5 minutes. > > Given it's a full fledged FTP server we also get much better > service than just file upload in forms, for example, no > limit on file sizes, restartable services, easy multiple uploads, > and a ton of existing clients on various platforms that > can access it directly. > > So, opinions? > > Cheers > Andrea > > > > > ------------------------------------------------------------------------------ _______________________________________________ Geoserver-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-devel
