Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
7 replies Latest Post - ‏2012-12-18T20:06:24Z by SystemAdmin
SystemAdmin
SystemAdmin
6772 Posts
ACCEPTED ANSWER

Pinned topic Per User Directories on FTP Server in DP

‏2012-12-17T21:34:12Z |
When using a MPGW in DataPower as an FTP server in the Front Side Handler settings it asks for a default directory and a virtual directory. Is there a way to set a different virtual directory per authenticated user?

For the SFTP Server Front Side Handler, there's an entire AAA policy that required a custom style sheet to authenticate the user, and the username can be extracted. Is there then some way to append that username (or its mapped credential) to the end of the default directory?

That is, if the default directory is "ftp_files/", can Mary's virtual directory be set to "ftp_files/mary/" and John's be "ftp_files/john/"?
Updated on 2012-12-18T20:06:24Z at 2012-12-18T20:06:24Z by SystemAdmin
  • PullMeOut
    PullMeOut
    47 Posts
    ACCEPTED ANSWER

    Re: Per User Directories on FTP Server in DP

    ‏2012-12-18T16:30:45Z  in response to SystemAdmin
    I see you are trying to append user name to the file directory dynamically, It is better define static virtual directory based on user names. Define virtual directory /john/path, /mike/path
    • SystemAdmin
      SystemAdmin
      6772 Posts
      ACCEPTED ANSWER

      Re: Per User Directories on FTP Server in DP

      ‏2012-12-18T16:45:18Z  in response to PullMeOut
      That's fine with me, but how do I map the incoming user credential to that path? That is, I can set it up so John or Mary can connect. I can create the "john/docs" and "mary/docs" virtual directories. But, how do I make it so when John connects and puts a document, it only goes to "john/docs"?
      • PullMeOut
        PullMeOut
        47 Posts
        ACCEPTED ANSWER

        Re: Per User Directories on FTP Server in DP

        ‏2012-12-18T17:01:28Z  in response to SystemAdmin
        You missing something here, it is SFTP server your using is where the client push the files to your server path, e.g., if john is connecting you ,

        1) You should tell John where to place files when he is connecting you , give him your directory and path , if you using user name and password for authentication , given him your user name / PW and directory /path , in this case john will use your user name and pw to connect your server and once connected successfully he will place the file in the location which you want him to do.
        2) Similar with mary …..

        You need not have any control when you are using SFTP or FTP server where the file should be placed , client will connect your preferred location using your credentials and place the files whereever you ask him to place , that is how SFTP or FTP server works
        • PullMeOut
          PullMeOut
          47 Posts
          ACCEPTED ANSWER

          Re: Per User Directories on FTP Server in DP

          ‏2012-12-18T17:16:43Z  in response to PullMeOut
          to make it simple

          create john/doc --- virtual directory and ask john to place documents
          create mary/doc ---- virtual dir and ask mary to place documents
          but based on your authentication method your are using .
          in case of username/pw : give both john and mary your server username and pw.
          in case of public key authetication : give john and mary your public key authentication.
        • SystemAdmin
          SystemAdmin
          6772 Posts
          ACCEPTED ANSWER

          Re: Per User Directories on FTP Server in DP

          ‏2012-12-18T17:30:40Z  in response to PullMeOut
          Ordinarily, you're correct. However, we are doing something tricky. We have setup a MPG that uses an SFTP Server FSH and with Web Service on the back end. So, when the user drops the document, it is basically picked up and processed by the MPG.

          So, right now, the default directory is "/", and I have two virtual directories, one for John and one for Mary. When John connects, he can see both virtual directories.

          That is, I'm hoping not to have to create a different SFTP Server FSH per user... or I'll end up when hundreds of them.

          I want one SFTP Server FSH and be able to map John to John's directory, and Mary to Mary's.

          Maybe, the better question might be... will John ever be able to see Mary's drops and vice versa?
          • PullMeOut
            PullMeOut
            47 Posts
            ACCEPTED ANSWER

            Re: Per User Directories on FTP Server in DP

            ‏2012-12-18T18:44:52Z  in response to SystemAdmin
            You can created one SFTP front side handler , with different virtual directory’s , create /john/do
            /mary/docs . when john is placing his docs he can see both john and Mary folders . As you will tell them where to place it, they need to watch out where there are placing it. If you want john not to view Mary folder then you need to find out a way where you define different username/pw at folder level for both john and Mary so that only john can see his folders .
            In both the cases you can go with just one SFTP server FSH.I personally implemented this giving both same user name /pw for both Mary and john and with one SFTP MPEG FSH asking them to place files belongs to them .it worked for me .
            • SystemAdmin
              SystemAdmin
              6772 Posts
              ACCEPTED ANSWER

              Re: Per User Directories on FTP Server in DP

              ‏2012-12-18T20:06:24Z  in response to PullMeOut
              For this scenario, I'm probably worrying about nothing, as the document only exists temporarily anyway. The FTP posts are going to be B2B, so it's not like there's a guy named "Bob" hand-posting FTP docs.

              Thanks for the suggestions.