Documentation
 
Installation
 
  Application
  System Service
Setup guide
 
  Service settings
  Server settings
  Adding users
  File permissions
Advanced setups
 
  Authentication realms
  Custom FTP commands
  Events and EAI
  Integration
  Network interfaces
  SSL Setup
  UPNP and NAT
  IP Blocking
  FTP Features
  Filters
  Scripts
Schemas docs
 
  JAFS server
  JAFS service
  JBI service
Other
 
  Performance tips
  Security
  XML basics
 
  Built with Apache Forrest logo Financial help logo
  Designed for Firefox logo Java.net member logo
 


by SuperBonBon  PDF 

File access settings



Defining users file access.

The fileSystem is used to enclose all the rights that a user has on directories.

The id setting let you name the access settings

You can assign users to the access setting using userBind tags to bind the user names. The value can be a regular expression if you want to bind multiple users ( matching the regexp ) to the same file access config.

The access rights setting allow you to define the operations that can be done on the specified directory or file.
All the path defined are relative to the server root setting.

The rights list is delimited by commas and must match the following codes for a file :

  • rf : Read the file.
  • df : Delete the file.
  • rn : Rename files.
  • nra : Disable ratio on file if the user has ratio set on.
  • of : Overwrite a file.
  • hf : Access hidden file.

When a directory is specified in a path setting, the following additional rights settings are available :

  • cf : Create a file.
  • dd : Delete directory.
  • cd : Create directory.
  • rd : Rename directory.
  • cwd : List directory content.

Finally the fileType setting let you define what are the files extensions that are allowed to be created in the defined path. Here is a small configuration example :

      <server xmlns="http://www.sbbi.net/jafs/1.0/jafs-server"
        ...
        code="sample_server" ... >
        ...
        <fileSystem cacheDirs="false">
          <rights id="myRights1">
            <userBind>user1</userBind>
            <userBind>user3</userBind>
            <access rights="">
              <path>/ssl</path>
            </access>
            <access rights="cwd">
              <path>/</path>
              <fileType>com,bat,exe</fileType>
            </access>
            <access rights="rf">
              <path>/logs_config.xml</path>
            </access>
          </rights>
          <rights id="myRights2">
            <userBind>user2</userBind>
            <access rights="cwd">
              <path>/</path>
            </access>
            <access rights="rf">
              <path>/logs_config.xml</path>
            </access>
            <access rights="">
              <path>/ssl/serverKeyStore.jks</path>
            </access>
            <access rights="">
              <path>/ssl</path>
            </access>
          </rights>
        </fileSystem>
        ...
      </server>
Note
A user can currently only be set in one rights settings to avoid settings collisions ( user assigned to the same directory access settings twice ). The following example shows what can't be done with "user3" :
      <server xmlns="http://www.sbbi.net/jafs/1.0/jafs-server"
        ...
        code="sample_server" ... >
        ...
        <fileSystem cacheDirs="false">
          <rights id="myRights1">
            <userBind>user1</userBind>
            <userBind>user3</userBind>
            ...
          </rights>
          <rights id="myRights2">
            <userBind>user3</userBind>
            ...
          </rights>
        </fileSystem>
        ...
      </server>


 

Copyright © 2005 SuperBonBon Industries. All rights reserved.
Unless otherwise expressly noted, the contents of these pages are licensed under the Creative Commons - Attribution / Share Alike license.