FTP Scanner

Overview

The FTP Scanner enables you to query and retrieve files to be processed by polling a remote file server. When the files are retrieved, they can be passed into the Enterprise Gateway core message pipeline for processing. For example, you can use the FTP Scanner in cases where an external application drops files on to a remote file server, which can then be validated, modified, and potentially routed on over HTTP or JMS by the Enterprise Gateway.

This kind of protocol mediation can be useful when integrating with Business-to-Business (B2B) partner destinations or with legacy systems. For example, instead of making drastic changes to either system, the Enterprise Gateway can download the files from the remote file server, and then route them on over HTTP to another back-end system. The added benefit is that messages are exposed to the full complement of message processing filters available in the Enterprise Gateway. This ensures that only properly validated messages are routed on to the target system.

The FTP Scanner supports the following file transfer protocols:

  • FTP: File Transfer Protocol
  • FTPS: FTP over Secure Sockets Layer (SSL)
  • SFTP: Secure Shell (SSH) File Transfer Protocol

To add a new FTP Scanner, in the Policy Studio tree, under the Listeners node, right-click the process name (for example, Oracle Enterprise Gateway), and select FTP Poller -> Add. This topic describes how to configure the fields on the FTP Scanner Settings dialog.

General Settings

This filter includes the following general settings:

Name:
Enter a descriptive name for this FTP scanner.

Enable:
Select whether this FTP Scanner is enabled. This is selected by default.

Host:
Enter the host name of the file transfer server to connect to.

Port:
Enter the port on which to connect to the file transfer server. Defaults to 20.

User name:
Enter the username to connect to the file transfer server.

Password:
Specify the password for this user.

Scan Details

The fields configured in the Scan details section determine when to scan, where to scan, and what files to scan:

Poll every (ms):
Specifies how often in milliseconds the Enterprise Gateway scans the specified directory for new files. Defaults to 60000. To optimize performance, it is good practice to poll often to prevent the number of files from building up.

Look in directory:
Enter the full path of the directory to scan for new files.

For files that match the pattern:
Specifies a regular expression that file names must match in order to be scanned. For example, to scan only for files with a particular file extension (for example, .xml), enter an appropriate regular expression. Defaults to the following expression:

([^\s]+(\.(?i)(xml|xhtml|soap|wsdl|asmx))$)
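
The following is an added example, not part of the product documentation, that runs the default pattern over a constructed directory listing to show which file names it selects. Whether the scanner requires the whole file name to match or accepts a match anywhere in the name is an assumption, so both are evaluated; the function names and the listing are hypothetical.

```python
import re

# The page's default pattern. Python rejects a global inline flag in
# mid-pattern, so (?i)(...) is written as the scoped group (?i:...); the flag
# still covers only the extension alternation that follows it.
DEFAULT_PATTERN = re.compile(r"([^\s]+(\.(?i:xml|xhtml|soap|wsdl|asmx))$)")

# Constructed directory listing (sample names, not from a real server).
LISTING = [
    "order-1001.xml",
    "Invoice.XML",
    "a.b.xhtml",
    "service.wsdl.bak",
    "payload.xml.exe",
    ".xml",
    "quarterly report.xml",
]

def selected(name, whole_name=True):
    """Return True if the default pattern selects this file name.

    whole_name=True requires the entire name to match; False accepts a match
    anywhere in the name. Which one the scanner applies is an assumption.
    """
    if whole_name:
        return DEFAULT_PATTERN.fullmatch(name) is not None
    return DEFAULT_PATTERN.search(name) is not None

def triage(listing):
    """Map each name to (selected as whole name, selected as substring)."""
    return {n: (selected(n, True), selected(n, False)) for n in listing}

if __name__ == "__main__":
    for name, (whole, partial) in triage(LISTING).items():
        print(f"{name!r:26} whole={whole!s:5} partial={partial}")
```

The extension must be the last component of the name, so `payload.xml.exe` and `service.wsdl.bak` are skipped, and a name containing whitespace is selected only under substring matching.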

Process file with following policy:
Click the browse button to select the policy to process each file with. For example, this policy may perform tasks such as validation, threat detection, content filtering, or routing over HTTP or JMS.

Delete file when complete:
Select whether to delete each processed file when complete. This is selected by default.

Establish new session for each file found:
Select whether to establish a new file transfer session for each file found. This is selected by default.

Connection Type

The fields configured in the Connection Type section determine the type of file transfer connection. Select the connection type from the drop-down list:

  • FTP - File Transfer Protocol
  • FTPS - FTP over SSL
  • SFTP - SSH File Transfer Protocol

FTP and FTPS Connections

The following general settings apply to FTP and FTPS connections:

Passive transfer mode:
Select this option to prevent problems caused by opening outgoing ports in the firewall relative to the file transfer server (for example, when using active FTP connections). This is selected by default.

File Type:
Select ASCII mode for sending text-based data or Binary mode for sending binary data over the connection. Defaults to ASCII mode.

FTPS Connections

The following security settings apply to FTPS connections only:

SSL Protocol:
Enter the SSL protocol used (for example, SSL or TLS). Defaults to SSL.

Implicit:
When this option is selected, security is automatically enabled as soon as the FTP Scanner client makes a connection to the remote file transfer service. No clear text is passed between the client and server at any time. In this case, the client defines a specific port for the remote file transfer service to use for secure connections (990). This option is not selected by default.

Explicit:
When this option is selected, the remote file transfer service must explicitly request security from the FTP Scanner client, and negotiate the required security. If the file transfer service does not request security, the client can allow the file transfer service to continue insecurely, or refuse or limit the connection. This option is selected by default.

Trusted Certificates:
To connect to a remote file server over SSL, you must trust that server's SSL certificate. When you have imported this certificate into the Certificate Store, you can select it on the Trusted Certificates tab.

Client Certificates:
If the remote file server requires the FTP Scanner client to present an SSL certificate to it during the SSL handshake for mutual authentication, you must select this certificate from the list on the Client Certificates tab. This certificate must have a private key associated with it that is also stored in the Certificate Store.

SFTP Connections

The following security settings apply to SFTP connections only:

Present following key for authentication:
Click the button on the right, and select a previously configured key to be used for authentication from the tree. To add a key, right-click the Key Pairs node, and select Add. Alternatively, you can import key pairs under the Certificates and Keys node in the Policy Studio tree. For more details, see the topic on Certificates and Keys.

SFTP host must present key with the following finger print:
Enter the fingerprint of the public key that the SFTP host must present (for example, 43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8).
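
The fingerprint in the example above is 16 colon-separated octets, which is the form of an MD5 digest of the SSH public key blob. The following added example, which is not part of the product documentation, derives that form from an OpenSSH-style public key line and compares it with a pinned value; that the gateway computes the fingerprint this way is an assumption, and the key, host name and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

def constructed_key_line(raw=bytes(range(32))):
    """Build a CONSTRUCTED ssh-ed25519 public key line (not a real host key)."""
    blob = b"".join(struct.pack(">I", len(p)) + p for p in (b"ssh-ed25519", raw))
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " sftp.example.test"

def md5_fingerprint(pubkey_line):
    """Return the colon-separated MD5 fingerprint of an OpenSSH public key line."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    # The blob starts with a length-prefixed key type; it must agree with the
    # type named on the line, otherwise the line was damaged or spliced.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != fields[0].encode():
        raise ValueError("key type does not match key blob")
    return ":".join(f"{b:02x}" for b in hashlib.md5(blob).digest())

def normalise(fingerprint):
    """Lower-case a fingerprint and drop an optional 'MD5:' prefix."""
    fp = fingerprint.strip()
    if fp[:4].upper() == "MD5:":
        fp = fp[4:]
    return fp.lower()

def host_key_matches(pubkey_line, pinned):
    """True only if the presented key hashes to the pinned fingerprint."""
    return hmac.compare_digest(md5_fingerprint(pubkey_line), normalise(pinned))

if __name__ == "__main__":
    line = constructed_key_line()
    pinned = md5_fingerprint(line)  # the value you would enter in the field
    print(pinned, host_key_matches(line, pinned))
```

Obtain the public key line from the server administrator over a separate trusted channel, so that the pinned value does not come from the connection it is meant to authenticate.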