105 lines
6.9 KiB
HTML
105 lines
6.9 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
|
<!DOCTYPE html
|
||
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
|
<html lang="en-us" xml:lang="en-us">
|
||
|
|
<head>
|
||
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
|
<meta name="security" content="public" />
|
||
|
|
<meta name="Robots" content="index,follow" />
|
||
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
|
<meta name="DC.Type" content="concept" />
|
||
|
|
<meta name="DC.Title" content="Request validation exit point: Client and server" />
|
||
|
|
<meta name="abstract" content="The Request Validation exit points can be used to restrict operations which can be performed by FTP users. Request validation exit points are provided by both the FTP client and server; to restrict both FTP client and FTP server access, exit programs must be added to both exit points." />
|
||
|
|
<meta name="description" content="The Request Validation exit points can be used to restrict operations which can be performed by FTP users. Request validation exit points are provided by both the FTP client and server; to restrict both FTP client and FTP server access, exit programs must be added to both exit points." />
|
||
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqreferenceexit.htm" />
|
||
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqexampreqvalcl.htm" />
|
||
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqexampreqvalilerpg.htm" />
|
||
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqpsvrep.htm" />
|
||
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqextprog.htm" />
|
||
|
|
<meta name="DC.Relation" scheme="URI" content="rzaiqftpscon.htm" />
|
||
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
|
||
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
|
||
|
|
<meta name="DC.Format" content="XHTML" />
|
||
|
|
<meta name="DC.Identifier" content="rzaiqsvreqep" />
|
||
|
|
<meta name="DC.Language" content="en-us" />
|
||
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
|
<!-- US Government Users Restricted Rights -->
|
||
|
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
|
<title>Request validation exit point: Client and server</title>
|
||
|
|
</head>
|
||
|
|
<body id="rzaiqsvreqep"><a name="rzaiqsvreqep"><!-- --></a>
|
||
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
|
<h1 class="topictitle1">Request validation exit point: Client and server</h1>
|
||
|
|
<div><p>The Request Validation exit points can be used to restrict operations
|
||
|
|
which can be performed by FTP users. Request validation exit points are provided
|
||
|
|
by both the FTP client and server; to restrict both FTP client and FTP server
|
||
|
|
access, exit programs must be added to both exit points.</p>
|
||
|
|
<div class="tip"><span class="tiptitle">Tip:</span> Because both the FTP client and server exit
|
||
|
|
points share the same exit point format, you can write a single program to
|
||
|
|
handle both.</div>
|
||
|
|
<p>If you implement anonymous FTP, write your FTP Server Request Validation
|
||
|
|
exit program to restrict anonymous FTP users to retrieve subcommands only,
|
||
|
|
and never allow anonymous users to execute CL commands.</p>
|
||
|
|
<div class="section"><h4 class="sectiontitle">What your program should include</h4><ul><li>Exception handling</li>
|
||
|
|
<li>Debugging</li>
|
||
|
|
<li>Logging</li>
|
||
|
|
</ul>
|
||
|
|
</div>
|
||
|
|
<div class="section"><h4 class="sectiontitle">Allowed and rejected commands</h4><p>The FTP request validation
|
||
|
|
exit program gives you control over whether to accept or reject an operation.
|
||
|
|
Decisions made by exit programs are in addition to any validation that is
|
||
|
|
performed by the FTP client or FTP server application. The FTP client or server
|
||
|
|
application calls the exit program registered for that application each time
|
||
|
|
it processes one of these requests:</p>
|
||
|
|
<ul><li>Directory or library creation</li>
|
||
|
|
<li>Directory or library deletion</li>
|
||
|
|
<li>Setting current directory</li>
|
||
|
|
<li>Listing file names</li>
|
||
|
|
<li>File deletion</li>
|
||
|
|
<li>Sending a file</li>
|
||
|
|
<li>Receiving a file</li>
|
||
|
|
<li>Renaming a file</li>
|
||
|
|
<li>Running a CL command</li>
|
||
|
|
</ul>
|
||
|
|
<p>You might want to set value -1 of parameter 8 (Allow operation) in
|
||
|
|
the VRLQ0100 exit point format to always and unconditionally reject a command.</p>
|
||
|
|
</div>
|
||
|
|
<div class="section"><h4 class="sectiontitle">Is there an exit program time-out feature?</h4><p>There
|
||
|
|
is no time-out for FTP exit programs. If the exit program has an error or
|
||
|
|
exception that it cannot handle, the FTP server will stop the session.</p>
|
||
|
|
</div>
|
||
|
|
<div class="section"><h4 class="sectiontitle">Example programs</h4><p>Example programs
|
||
|
|
are available to help you set up anonymous FTP on your server. These examples
|
||
|
|
are for illustration purposes. They do not contain all the features to run
|
||
|
|
on a production system. Use these samples as a starting point to build your
|
||
|
|
own programs. By copying portions of the code from the samples, you can add
|
||
|
|
them to programs that you write yourself. Run the sample programs on a system
|
||
|
|
other than your production system.</p>
|
||
|
|
</div>
|
||
|
|
</div>
|
||
|
|
<div>
|
||
|
|
<ul class="ullinks">
|
||
|
|
<li class="ulchildlink"><strong><a href="rzaiqexampreqvalcl.htm">Example: FTP client or server request validation exit program in CL code</a></strong><br />
|
||
|
|
This is an example of a simple File Transfer Protocol (FTP) Request
|
||
|
|
Validation exit program. It is written in iSeries™ Command Language (CL).</li>
|
||
|
|
<li class="ulchildlink"><strong><a href="rzaiqexampreqvalilerpg.htm">Example: FTP server request validation exit program in ILE RPG code</a></strong><br />
|
||
|
|
This example demonstrates a simple File Transfer Protocol (FTP) Request Validation Exit program used between the client and the server.</li>
|
||
|
|
<li class="ulchildlink"><strong><a href="rzaiqpsvrep.htm">VLRQ0100 exit point format</a></strong><br />
|
||
|
|
</li>
|
||
|
|
</ul>
|
||
|
|
|
||
|
|
<div class="familylinks">
|
||
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaiqreferenceexit.htm" title="You can use File Transfer Protocol (FTP) exit programs to secure FTP. The FTP server communicates with each exit program through a specific exit point. This topic includes parameter descriptions and code examples.">File Transfer Protocol exit programs</a></div>
|
||
|
|
</div>
|
||
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
||
|
|
<div><a href="rzaiqftpscon.htm" title="You can use File Transfer Protocol (FTP) exit points to protect the iSeries from this topic.">Manage access using File Transfer Protocol exit programs</a></div>
|
||
|
|
</div>
|
||
|
|
<div class="relref"><strong>Related reference</strong><br />
|
||
|
|
<div><a href="rzaiqextprog.htm" title="To use anonymous File Transfer Protocol (FTP), you need to write two exit programs: FTP Server Logon exit program and FTP Server Request Validation exit program.">Write exit programs for anonymous File Transfer Protocol</a></div>
|
||
|
|
</div>
|
||
|
|
</div>
|
||
|
|
</body>
|
||
|
|
</html>
|