EnterpriseDT：edtFTPj/PRO

 

Secure File Transfer for Java Applications

Companies worldwide rely on edtFTPj/PRO to securely transfer their confidential files. It is a mature, optimized library packed with features that help Java developers add SFTP and FTPS support to their applications.

 

edtFTPj/Pro - For your Java file transfer projects

edtFTPj/PRO has a rich and flexible feature set that ensures its suitability for your Java file transfer projects so you won’t be caught out part-way through a Java development project when you suddenly need support for a feature you hadn’t planned on. Advantages include:

• FTPS (explicit and implicit modes)
• SFTP and SCP (secure copy)
• Multiple protocols supported in the one component
• Multiple, simultaneous transfers by use of FTP connection pools
• edtFTPj/PRO supports directory transfers and directory synchronization
• edtFTPj/PRO is competitively priced and is royalty-free
• One year of support included (additional years can be purchased)

 

With Pro you also have the following purchase options:

• Individual Developer - for one or two developers
• Team Developer - for one team of developers (unlimited size)
• Corporate Developer - for multiple teams across a corporation

 

You can also buy the Source Code for the library for a fee enabling you to save time and minimize the human resource required to develop the software.

 

Key features

SFTP and SCP (SSH file transfer)

• Full support for SFTP (FTP over SSH) and SCP (secure copy)
• Supports password, public key and keyboard-interactive authentication
• Supports the use of known_hosts file for server validation as well as automatic validation
• Supports zlib compression
• Supports OpenSSH, SSH.COM, and PuTTY private key formats
• Supports aes128-ctr, aes192-ctr, and aes256-ctr ciphers
• Resuming of binary transfers that have partially completed

 

FTPS (File transfer over SSL)

• Full support for explicit and implicit mode FTPS
• Supports SSL 3.0 and TLS 1.0, 1.1 and 1.2
• Supports both client and server certificate validation
• Support for custom server validation
• Supports MODE Z compression
• Secure data and control channels
• Resuming of binary transfers that have partially completed

 

FTP

• Support for all standard and many optional FTP operations, passive and active modes, and support for a very wide range of FTP servers
• Support for FXP server-to-server transfers
• Resuming of binary transfers that have partially completed

 

Proxies

• Full support for SOCKS 4 and SOCKS 5 proxies
• Support for HTTP proxies

 

Performance

• Supports multiple, simultaneous transfers via connection pools
• Supports background transfers via a comprehensive asynchronous API
• Bandwidth throttling and data compression

 

Ease of use

• Multi-protocol client that permits switching protocols with a single method call
• The same simple, intuitive API as the popular edtFTPj/Free client, meaning upgrades to secure transfers are very straightforward
• Powerful FTP command shell, useful in batch jobs or script development
• FTP streams for treating the remote server as a data stream
• Progress monitoring, permitting notification of the progress of file transfers
• Directory and multiple file transfers and deletes, including wildcarding
• Integration with log4j

 

General

• Compatible with Java 1.4 and higher versions (earlier versions can be purchased)
• Royalty-free so no restrictions on deployment and no extra costs

 

edtFTPj/PRO Frequently Asked Questions

What type of secure FTP does edtFTPj/PRO support?

There is considerable confusion when using the term "secure FTP". There are two different types of secure file transfer protocols available, SFTP and FTPS. They are both supported by edtFTPj/PRO.

Firstly, there is an enhancement to standard FTP (as defined in RFC 959), which uses the same FTP commands (and protocol) over secure sockets, i.e. over SSL/TLS. This is implemented by edtFTPj/PRO. This is variously known as FTPS, FTP-SSL, and FTP-over-SSL. There are many FTP servers that support FTPS.

There is also another protocol, unfortunately known as SFTP, which also provides secure file access, but which is not related to the standard FTP protocol. This is implemented using SSH (Secure SHell), a suite of secure network connectivity tools (when used with SSH2 this is known as SFTP). The primary purpose of SSH is to enable users to remotely log into a machine over a secure connection. The two protocols are completely different and not related. Support for this protocol is also in edtFTPj/PRO.

 

SFTP vs FTPS - which is better?

While FTPS and SFTP are completely different protocols, they offer the same basic feature: secure file transfers. It is therefore common to be faced with the choice of one or the other. This section provides some pros and cons of these two protocols.

 

Security

Under ideal conditions SFTP and FTPS are able to offer comparable levels of security, but many SFTP deployments suffer from a vulnerability that is an artifact of SFTP's close relationship with SSH. The problem arises when you want to allow client SFTP access on a server but not SSH access. This is generally not a problem for pure SFTP servers, but for SSH/SFTP servers such as OpenSSH it can be quite complex and error-prone. So if you are not very careful when you set up your servers, users on machines with the SFTP client installed will be able to use an SSH client to log into the server and execute commands. This is not a problem with FTPS since this is purely a file transfer protocol and not a remote console protocol.

 

Upgrading

FTPS is a straight-forward extension to an existing FTP infrastructure. It is supported by most commercial servers and many open-source servers (e.g. wu-ftpd and proftpd), so enabling FTPS on a server is usually just a matter of adding a few configuration options. There is no need to run additional servers since FTPS servers invariably also support FTP. There is also no need to open additional ports in firewalls since FTPS uses the same ports as FTP. It is important to note that data-transfer problems can sometimes arise when changing from FTP to FTPS - see "Firewalls" section below.

 

Certificates

SFTP uses keys rather than certificates. This means that it can't take advantage of the "chains of trust" paradigm facilitated through Certificate Authorities. This paradigm makes it possible for two entities to establish a trust relationship without directly exchanging security information, which is important for some applications. FTPS uses certificates and therefore can take advantage of this paradigm. SFTP clients must install keys on the server.

 

Firewalls

SFTP often works better through some firewalls since it does not rely on multiple connections like FTP does. FTP and FTPS both use a control channel to send commands, and a new data connection for each file transfer. While the control channel is usually easily connected, it is common to experience firewall-related problems when connecting data-channels. This is particularly so in FTPS where the FTP-specific features of most firewalls are ineffective due to encryption. Since SFTP relies on a single network connection, it does not suffer from these problems.

 

What is the difference between SSL and TLS?

Not much.

SSL is short for Secure Sockets Layer, and is a protocol designed and implemented by Netscape. Version 3.0 of SSL was used as the basis for the Transport Layer Security (TLS) standard, version 1.0 (defined in RFC 2246, The TLS Protocol Version 1.0). The differences between SSL 3.0 and TLS 1.0 are not substantial, but the two protocols do not interoperate. TLS does, however, support a mechanism to back down to SSL 3.0. edtFTPj/PRO supports TLS 1.0. We generally use the term "SSL" interchangeably with "TLS", as SSL is more commonly known.

 

Does IIS support FTPS?

No, Microsoft's Internet Information Server (IIS) does not currently support SFTP or FTPS, but our completely FTP server, CompleteFTP, supports FTPS.

 

Can edtFTPj/PRO be used with Perl?

Yes, edtFTPj/PRO can be easily called from Perl by means of the INLINE::JAVA module.