EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Safe download features in SFTP and FTPS components

Automated transfers utilizing popular file transfer protocols such as SFTP and FTPS prove to be an efficient and robust method of exchanging information of various kinds between business parties. The majority of the information exchanged in business environments today is generated and processed by automatic engines. Still, as every other engine is subject to its own specifics, certain tuning might be needed to make the things work as expected. Further in this article we will discuss the advantages of the safe download features provided by BizCrypto transport components.

Safe download functionality addresses various server-side conflicts that might prevent client-side BizCrypto components from downloading the information correctly. The general technique behind the scheme is renaming of the files before and/or after the download to ensure that the download is not affected by some other automated engine that might wish to access the files during the transfer.

Safe download mode is configured via the following two properties:

Safe Download Mode

Specifies the connection stage when the files are to be renamed. Supported values: None, Before Get, After Get and Before And After Get.

Safe Download Name

(optional) Specifies a name to assign to renamed files. If empty, the default <original-name>.<pseudo-random GUID-like identifier> name is used.

Before Get. When working in this mode, the component renames files before downloading them. Every particular file is renamed individually right before it is downloaded. The goal of the Before Get mode is to “hide” a file from other remote users while it is being downloaded.

Imagine that a remote file is periodically updated by a third-party automated tool. In general case, the tool doesn't know that a BizCrypto component is downloading the file, and can update it while the download is still in progress. This might lead to unpredicted consequences and result in corrupted file on the client side.

If After Get mode is used, the files are renamed after they have been downloaded. Each file is renamed individually right after the download completes. The After Get mode allows to “hide” a file from subsequent processing by the same client.

Many servers do not allow clients to delete files. Due to this clients often face a problem where they can't establish whether a particular file has already been downloaded during preceding sessions with the server. One of the possible solutions would be using the After Get mode to rename files after the download so that new names would not match the mask any more. On the subsequent session the files that have already been downloaded won't be considered by the component as their names won't match the mask.

Before And After Get is a combined mode which forces files to be renamed both before and after the transfer. Every file is renamed individually. The files are renamed only for a period during which they are transferred and are assigned back with original names after the download completes. This mode might be useful if the files have to be “hidden” from third-parties only for the period of transfer.

The Safe Download Name property can be used to customize names into which the files are renamed. If this property is left empty, new names of <original name>.<pseudo-random GUID-like identifier> form are given to the files (e.g. a documents.zip file will be renamed to something like documents.zip.{1249EA49-FAF5-43E5-A325-5B8CE42E3FD2}). You can also specify your own template for new names. Starting from build 9.1.215, Safe Download Name accepts macros in BizTalk edition (see the corresponding how-to article) and in SQL Server edition you can use variables. For instance, by setting Safe Download Name to %SourceFileName%.tmp you will make the component rename a documents.zip file to documents.zip.tmp before or after the transfer.

Safe download mode is a powerful mechanism of bypassing server-side conflicts when downloading files that can potentially be accessed by third parties. Still, if the capabilities provided by the out-of-the-box safe download features do not fit your particular environment, you might also consider looking at another BizCrypto feature allowing the user to supply custom protocol commands to the server (see the corresponding how-to article), which provides higher level of flexibility through a slightly more sophisticated design.

Return to the list

|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!