FTP / FTPS / SFTP

The FTP component calls external servers using the FTP, FTPS or SFTP protocol. Learn how to use the FTP component.

Library

Create a new library with the following jars (in this order):

Camel version Library jars
2.18.3

See also How to retrieve the Camel version of Decision Insight.

Endpoint configuration

Depending on the server, the connection may not be working with the default parameters. Check the following parameters:

  • stepwise parameter : default is true, but false often works better
  • separator parameter : specify the server type, either UNIX or Windows
  • path can be specified as absolute, eg sftp://login@server//var/data will look at files in /var/data

See the FTP component documentation for the others settings

SFTP authentication

The SFTP authentication can be done either by password (simply use the password parameter in endpoint uri) or by certificate.

In order to use the certificate authentication you first ensure that the SSH server you want to connect to is configured in a such way. Then get the private key that correspond to the authorized certificate. This file has the following format (same format than OpenSSH key files):

-----BEGIN RSA PRIVATE KEY-----
MIIEpgIBAAKCAQEAvDYOuGVLX792Y4UuGQijTiLtAyULbuJkNnksdU+GPnuYR73l
(...)
WfT8crvAF4va45SbgSBb5er7a7Z6Ov6w8ImUN0g31GDrarajLYnM+p7P
-----END RSA PRIVATE KEY-----

or when it is encrypted by a passphrase (in this case you also need the associated passphrase)

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,9AD7FB0A171195D7F2A832E474BE3F7D

unyzD4EJbmvcV8AhnM4wix80pJBqyzflUIpLk6A52HCqabJZeO4H+KnPM1isQyBo
(...)
9XaJv3GSCj8+JP1a1wFfr3lCN3b+E3RU+lw4gia4XAh3PYkjeAmzMISbtodHC9vu
-----END RSA PRIVATE KEY-----

There is two alternative to store the private key file:

On file system

  1. Copy the private key to a file that is accessible by the Decision Insight process (eg /home/decision-insight/sftp-key.pem). 
  2. Then, add the following parameters to the endpoint configuration:
    • privateKeyFile to designate the key file to be used, eg  privateKeyFile=/home/decision-insight/sftp-key.pem
    • privateKeyPassphrase only if the retrieve private key is protected by a passphrase, eg  privateKeyPassphrase=secret

For example:

 <from uri="sftp://login@server//var/data/queue?privateKeyFile=/home/decision-insight/sftp-key.pem&amp;privateKeyPassphrase=secret"/>

(minus) You need to have access to the server filesystem to write the key file

(plus) The private key won't be exposed in export file, database file nor database backups

In embedded database

  1. Create a new resource in Data Integration, for example, sftp-key. Copy/paste the file content in the resources. 
  2. Then, add the following parameters to the endpoint configuration:
    • privateKeyUri to designate the key file to be used, eg  privateKeyUri=tnd-resource:sftp-key
    • privateKeyPassphrase only if the retrieve private key is protected by a passphrase, eg  privateKeyPassphrase=secret

For example:

 <from uri="sftp://login@server//var/data/queue?privateKeyUri=tnd-resource:sftp-key&amp;privateKeyPassphrase=secret"/>

(plus) You don't need access to the server file system, can be done completely from the GUI

(minus) The private key will be written in export file, in database file and database backups

Route sample

This example will print the file content of the retrieved files:

<routes xmlns:u="http://www.systar.com/aluminium/camel-util" xmlns="http://camel.apache.org/schema/spring">
    <route>
        <from uri="sftp://login@server//var/data/queue?privateKeyUri=tnd-resource:sftp-key&amp;privateKeyPassphrase=secret&amp;idempotent=true"/>
        <convertBodyTo type="java.lang.String"/>
        <to uri="log:test"/>
    </route>
</routes> 

Related Links