FTP (File Transfer Protocol)
Altaf Hussain
Srikanth Nutigattu
Agenda… Introduction to FTP Overview FTP in Detail Advantages/Limitations Programming for FTP Alternatives
Introduction FTP or File Transfer Protocol is used to transfer data from one computer to another over the Internet, or through a network. Specifically, FTP is a commonly used protocol for exchanging files over any network that supports the TCP/IP protocol
FTP Server
FTP Client
The FTP server, running FTP server software, listens on the network for connection requests from other computers. The client computer, running FTP client software, initiates a connection to the server.
UI
Server Protocol Interpreter
File System
Server Data Transfer Process
FTP Server
FTP Commands/ Replies
(port 21)
Data Connection
User PI
User DTP
(port 20)
FTP Client
File System
Overview FTP
runs exclusively over TCP FTP servers by default listen on port 21for incoming connections from FTP clients. (control stream ) For the actual file transfer to take place, a different connection is required by default port 20 (data stream)
Connection Modes: Active Mode Passive Mode Extended Passive Mode
FTP in detail: -
Two Primary file transfer modes ASCII (plain text) -
-
End-of-line translation occurs between platforms Data is considered to be only 7 bits (high order bits are lost)
Binary image -
Data is transferred raw (not interpreted)
-
Other Modes (EBCDIC, local) are rarely ever used
-
Mode must be set before transfer begins -
Many clients have an auto-select mode. -
-
File suffix / name guides selection of transfer mode
Common mistake to transfer a binary file in ASCII mode.
..contd., - The server stores files in a directory structure -
Clients log on, traverse the directories, and download files Anonymous access is an option The FTP request command determines the direction of the data transfer (GET/PUT)
Different FTP clients hide the protocol details in different ways: Command line – closest to the real protocol
Dedicated FTP clients, such as ‘Filezilla’ – easier to use, more flexible and robust
Web browsers – tend to make FTP and web access look similar
Standard Connection Model
Control
A A
Data
B B
Alternative Connection Model Control
B B
A
Data
Control
C C
Access Control Commands USER PASS CWD CDUP QUIT
specify user specify password change directory change directory to parent logout
Transfer Parameter Commands PORT PASV TYPE MODE STRU
publish local data port server should listen establish data representation establish transfer mode establish file structure
Service Commands RETR STOR STOU APPE ABOR PWD LIST
retrieve file send file send file and save as unique send file and append abort prev. service command print working directory transfer list of files over data link
FTP Replies All
replies are sent over control connection. Replies are a single line containing 3
digit status code (sent as 3 numeric chars). text message. The
FTP spec. includes support for multi-line text replies.
Data Transfer Modes STREAM:
file is transmitted as a stream of
bytes. BLOCK: file is transmitted as a series of blocks preceded by headers containing count and descriptor code (EOF, EOR, restart marker). COMPRESSED: uses a simple compression scheme - compressed blocks are transmitted.
Advantages/Limitations Advantages Allows
over HTTP:
inspection of file-tree, file size and time-stamps. No HTML code required. Easy to implement download/uploading
Limitations: Passwords
and file contents are sent in clear text, which can be intercepted by eavesdroppers. There are protocol enhancements that circumvent this. Multiple TCP/IP connections are used, one for the control connection, and one for each download, upload, or directory listing. Firewall software needs additional logic to account for these connections. It is hard to filter active mode FTP traffic on the client side by using a firewall, since the client must open an arbitrary port in order to receive the connection. This problem is largely resolved by using passive mode FTP.
FTP
is a high latency protocol due to the number of commands needed to initiate a transfer. No integrity check on the receiver side. If transfer is interrupted the receiver has no way to know if the received file is complete or not. It is necessary to manage this externally for example with MD5 sums or cyclic redundancy checking. No error detection. FTP relies on the underlying TCP layer for error control, which uses a weak checksum by modern standards.
Java Programming for FTP There
is no standard API for FTP (eg like http package) Should rely on ‘URL’ and ‘URLConnection’ classes. Sun provides an undocumented and unsupported API called ‘sun.net.ftp’ For enhanced capability should rely on third party API’s.
JDK support for FTP
Java.net
sun.net.ftp
Third party API’s for FTP client
JScape, iNet Factory: com.jscape.inet.ftp.Ftp IP*Works: ipworks.Ftp Enterprise Distributed Technologies, Java FTP Client Library: com.enterprisedt.net.ftp.FTPClient IBM alphaWorks, FTP Bean Suite: com.ibm.network.ftp.protocol.FTPProtocol SourceForge, JFtp: net.sf.jftp.net.FtpConnection The Jakarta Project, Jakarta Commons/Net: org.apache.commons.net.ftp.FTPClient JavaShop JNetBeans: jshop.jnet.FTPClient Florent Cueto, JavaFTP API: com.cqs.ftp.FTP Bea Petrovicova, jFTP: cz.dhl.ftp.Ftp The Globus Project, Java CoG Kit: org.globus.io.ftp.FTPClient
The comprehensive comparison can be found at: http://www.javaworld.com/javaworld/jw-042003/ftp/jw-0404-ftptable.html
Alternatives and Enhancements FTP
over SSH (secure FTP ) FTP over SSH refers to the practice of tunneling a normal FTP session over an SSH connection. FTP over SSL (FTPS ) SSH File Transfer Protocol (SFTP) This is not related to standard FTP. Here, the entire conversation (credentials and data) is always protected by the SSH protocol.
Additional References:
www.wikipedia.com http://java.sun.com/j2se/1.4.2/docs/api/ http://www.javaworld.com/ http://jakarta.apache.org/commons/net/ http://www.enterprisedt.com/publications/FTP_Overview.html RFC 959. File Transfer Protocol. J.Postel. J Reynolds. 1985. http://www.ietf.org/rfc/rfc0959.txt
Thank you!!