Hello, I'm using Apache Camel as an integration platform. Specifically, at the moment, I depend on the ftp/ftps/sftp support in the camel-ftp component. Under the hood Camel uses Commons Net for ftp and ftps support.
Recently, the camel-ftp component was enhanced (on my request) with the possibility to use a secure data channel. This is accomplished by using the execProt() (and execPsbz()) method in class FTPSClient. Unfortunately the execProt() method also sets the FTPSClient's socket factory to a new instance of FTPSSocketFactory. I'm sure there is a good reason for this that I'm not aware of. However, later on (in case Camel needs to reconnect), one of the connect() methods in SocketClient (the ultimate base class of FTPSClient) is called. Unfortunately all the connect methods first create an unconnected socket and then tries to connect it. The connection factory now associated with the FTPSClient the throws an exception stating that "Unconnected sockets not implemented". I've looked at the source code in commons-net trying to find out what's happening. These are my findings: The FTPSSocketFactory class override the createSocket() methods in SocketFactory and delegates them to its SSLContext's socket factory. Thus it's the SSLContext's connection factory that is being used. Since we are able to initially connect (the problems are related to reconnecting using the same FTPSClient instance) we need to investigate exactly what execProt() does that makes further connection attempts to fail. Lets have a look at the FTPSClient class. When the initial connection is up, the _connectAction() method is called. It in turn calls sslNegotiation() which in turn sets up the secure socket. In the sslNegotiation() method, an SSLSocketFactory is not instantiated directly. It is given by the SSLContext's getSocketFactory() method. This connection factory obviously works otherwise the secure connection wouldn't work even initially. Compare this with what's being done in the execProt() method. Here the FTPSSocketFactory is instantiated directly with the SSLContext passed as a constructor argument. Obviously this factory does NOT work... A question that comes to mind is why the socket factory created in the sslNegotiation() method is NOT set as the SocketClient's socket factory but the one created in the execProt() method is? It turns out that execProt() calls a generic sendCommand() method that sends the command and if the reply is OK, then sets the socket factory to null! One wonders why (and there is also a comment in the code: "Check this - is this necessary at all?")? Anyway, this is probably the reason why execProt() needs to "reset" the connection factory. Can anyone help me out with this? I need to get ftps (with a secure data channel) working in Camel. Is it a bug in the FTPSClient class or are we using it the wrong way? Should it be possible to reuse an instance of FTPSClient or must a new FTPSClient instance be created on every reconnect? /Bengt