开发者

Creating FTP user dynamically

开发者 https://www.devze.com 2023-01-05 19:15 出处:网络
I need to create FTP users via a C# software, which is run Client-Side, I have no idea where to start or how to do that, I am not even sure if this is possible as this may require to be logged as root

I need to create FTP users via a C# software, which is run Client-Side, I have no idea where to start or how to do that, I am not even sure if this is possible as this may require to be logged as root?

My other option would be to call a PHP script via the C# software, which could call开发者_运维技巧 a system() script?

This function needs to work on Linux shared hosting (as this is shared I can't do everything I can).


The only way YOU have to manage the FTP server is through DirectAdmin. So unless there is an API for DirectAdmin and you have access to it, or your shared hosting provider offers some kind of API, you won't be able to do this.

If you can manage your users on the shared host with system(), then by all means go that route.

If you can't, then you might need to create a script that runs on the server, that accepts incoming requests and then works directly with DirectAdmin to manage the users. This would require the script know the DirectAdmin credentials, and if any updates happen to DirectAdmin it could potentially break your script. I would be very careful with this method, as anyone with access to this script could then manage ftp users. If your client can manage these FTP users, anyone can. How will users be "authenticated" with the client if there is any authentication. If so, how are they authenticated? Because your "api" script will need to work with that authentication as well.

My question is, do you really NEED to create an FTP user? If they just need to upload a file, couldn't they simply upload a file via an online form? Or through the client? Are you required to use FTP?

EDIT: So as I said in the comments, one idea would be to have a server side script (maybe PHP) that would handle managing the files. It would accept requests to upload/delete/blah the files. When a file is uploaded to the site it would be stored, and it would return a special token along with the location of the file.

The client would then take the token, store it locally, and when the user manages the file on the client it would use that token for future modifications. I'd generate this token randomly (not based off any data of the user). How you store the token is up to you, could be on the file system with the files or in a database.

The communication between the client and the site should be done through SSL if possible, to stop MITM attacks.

As for uploading files, it's really up to how your client authenticates it's users. If it's via a central database, the shared hosting server could access that, if you don't want to do that, then you'd need to something similar to a public key system. So that the client can send a key that the shared hosting script can tell if the user is valid or not. But then you have to have the script know when the key has been revoked, etc.

So it's up to you how you want to proceed with this part.


If this were me--and this is adding one more moving part, I realize--I'd decouple the creation of users, and place that in a long-running process on the remote server, where both the server process and the PHP facade work with something like Gearman to coordinate jobs. You're not going to be able to create the processes on the remote Linux server from C# without some external facility like rsh. Something just skeeves me out about the idea of creating users via a PHP site, unless it's only accessible over a private intranet with no external access. Having a separate process would give you just one extra step in which to validate.

0

精彩评论

暂无评论...
验证码 换一张
取 消