By default all administrative credentials are stored locally within JSCAPE MFT Server. You may however implement your own administrative authentication method using our available API. To do so perform the following.
1. Create a class which implements the com.jscape.inet.mft.subsystems.administrator.authentication.AuthenticationService class.
2. Overload the public void authenticate(AuthenticationCredentials creds) method, throwing a com.jscape.inet.mft.subsystems.administrator.authentication.OperationException exception if authentication fails or returning the username of administrator if authentication passes.
3. Create a JAR file that contains the compiled version of your com.jscape.inet.mft.subsystems.administrator.authentication.AuthenticationService implementation. To compile your authentication class you will need to include the ftpserver.jar library in your classpath. The ftpserver.jar library may be found in the libs directory for JSCAPE MFT Server.
4. Place the JAR file created in Step 3 as well as any needed 3rd party JAR files into the libs/ext directory of your JSCAPE MFT Server installation.
5. Restart the JSCAPE MFT Server Service.
6. Open JSCAPE MFT Server Manager and go to Server > Settings > Manager Service > Authentication and change the Service to custom authentication and click Apply.
An example implementation com.jscape.inet.mft.subsystems.administrator.authentication.TestAuthenticationService is also found in the ftpserver.jar file for testing.
Figure 207
Example
The following example is taken directly from the TestAuthenticationService example provided in ftpserver.jar library. There are two exception types that MAY be thrown as part of this example UnsupportedCredentialsTypeException and InvalidCredentialsException. In the event that UnsupportedCredentialsTypeException is thrown JSCAPE MFT Server will pass the credentials up and attempt to validate against local credentials stored within JSCAPE MFT Server instead of using the logic provided in custom authentication class. If InvalidCredentialsException is thrown then credentials will not be passed up and user will immediately be denied access.
package com.jscape.inet.mft.subsystems.administrator.authentication;
import java.util.Scanner;
public class TestAuthenticationService
implements AuthenticationService {
@Override
public String authenticate(AuthenticationCredentials credentials)
throws OperationException {
if (credentials instanceof PasswordCredentials) {
return authenticate((PasswordCredentials) credentials);
} else if (credentials instanceof TokenCredentials) {
return authenticate((TokenCredentials) credentials);
}
throw new UnsupportedCredentialsTypeException(credentials);
}
private String authenticate(PasswordCredentials credentials)
throws OperationException {
assertPasswordValid(credentials.username, credentials.password, credentials);
return credentials.username;
}
private String authenticate(TokenCredentials credentials)
throws OperationException {
try {
Scanner scanner = new Scanner(credentials.token).useDelimiter(":");
String username = scanner.next();
String password = scanner.skip(":").nextLine();
assertPasswordValid(username, password, credentials);
return username;
} catch (InvalidCredentialsException e) {
throw e;
} catch (Exception e) {
throw new InvalidCredentialsException(credentials);
}
}
private void assertPasswordValid(String username, String password, AuthenticationCredentials credentials)
throws InvalidCredentialsException {
if (!username.equals(password)) {
throw new InvalidCredentialsException(credentials);
}
}
}