Skip to content

lou-vasquez/nifi-ftps

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
nifi-ftps-nar
nifi-ftps-nar
 
 
nifi-ftps-processors
nifi-ftps-processors
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 
install.sh
install.sh
 
 
pom.xml
pom.xml
 
 

Repository files navigation

nifi-ftps

Standalone NAR with FTPS support (while waiting for support in base NIFI). Modified for use at NCICS:

  • basic FTPS functionality tested working for List/Fetch/Get/Put
  • latest nar version (as of sept 2020 - 1.12.0)
  • host validation off (we authenticate not them)
  • self signed (we authenticate not them)
  • nat workaround option
  • EPSV with IPv4 option

TODO:

  • variable for host validation
  • variable for self sign

History

Why this extension?

FTPS support has started some time ago, but was then moved to a different idea .

Since I cannot wait on it : I took the FTP part of the base NIFI and added FTPS support. Since verification is important, also added some host verification

Installation

mvn clean install
# docker cp nifi-ftps-nar/target/nifi-standard-nar-VERSION.nar nifi-container:/opt/nifi/nifi-current/lib
# NOTE be sure to remove existing standard nar (if above copy does not)
# restart docker/nifi

Since the code only injects an FTPSClient iso an FTPClient, we use all the logic of the FTP classes. This means that there is a very large dependency on the standard processors NAR.

However, using the construct of adding a NAR dependency, this lead to IllegalAccessExceptions when loading the FTPS processors.

So I decided to inject the additional JAR into the standard processor NAR. This way, the JAR feels right at home :-)

Installation is therefore building the "patched" standard processor NAR and replacing the original one by this one.

1.12.0 State

basic testing to VsFTP works for List/Fetch/Get/Put (minor mods) docker run -p 2121:21 -p21100-21110:21100-21110 --name ftps loicmathieu/vsftpd ftps

1.9.2 State (past tag)

Written with NIFI 1.9.2 (thanks for all the commented out solutions, kullervo16).

  • self signed allowed
  • host validation not required

Manually tested (ListFTPS, FetchFTPS) against external data provider ftps

1.7 State (pre-fork kullervo16 version)

Tested with FileZilla and with test.rebex.net.

Note : it forces the FTPS "PROT P" option (encrypted transfer) over TLS (no more SSL) , but it does not support the "TLS session resumption" option

Note 2 : since I have no proxy to test with, the proxy options are disabled

About

Standalone NAR with FTPS support (while waiting for support in base NIFI)

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Java 99.5%
  • Shell 0.5%