1. Getting Started

1.1 Before starting; 1.2 Start the FTP Server; 1.3 Configure the Server; 1.4 User Management; 1.5 Start Server when Operating System Starts

2. Understanding and Using Main Interface

2.1 Configuring the Server; 2.2 Certificate Generation; 2.3 Users Management; 2.4 IP Restrictor; 2.5 Messages; 2.6 Connections; 2.7 Spy; 2.8 File; 2.9 Directories; 2.10 Log; 2.11 Statistics;

3. Manual Configuration

3.1 Server Configuration; 3.2 User Management;


Getting Started

CrossFTP Server is a user-friendly, professional FTP Server for multiple platforms. It offers a high-performance, easy configurable, and most of all a secure FTP server. It provides a versatile GUI for the novice users' start-up, and the advanced users' configuration as well.

For Beginner:

- The server beginner's guide is a good place to start our new FTP service.

For Expert:

- Users who want to fully utilize the more advanced FTP features in CrossFTP Server, read the followings.

1.1 Before starting

  1. If you are planning to use the secure FTP function, i.e. encrypted FTP sessions using SSL/TLS, you must generate your own certificate. (See Certificate Generation)
  2. Please do NOT use the <userhome> or its parent directory as the Root directory due to security considerations. (See Root Directory)

1.2 Start the FTP Server

On the main window, press the Start Server button to start the server, and press the Stop Server button to stop the server. If FAILURE happens on server start, please ensure the specified server port is not used by other programs, and you have enough privilage to bind the port. Many systems (e.g., Linux) forbid normal user's binding on low-numbered ports by default. If so, you can switch the default port 21 to a high-number, e.g., 8021

1.3 Configure the Server

When the server is stopped, you can configure the server by pressing button on the main frame. You can setup the server's host, port, security, etc. on this panel.

Check section 2.1 for more details.

1.4 User Management

After the server starts, click on the "Users" item on the left panel, and you will see the user management panel.

  1. Add User: Click button to create a new user account. The default password of the user is the same as the user name. Please change the password after you created the user account.
  2. Change Password: Fill in the Password and Retype Password text field by your new password. Check the Set Pasword check box, and press the button to save the changes.
  3. Set the Root Directory: Fill in the Root Directory by your FTP default directory. Do NOT use the <userhome> or its parent directory as the Root directory due to security considerations. (See Root Directory)

1.5 Start Server when Operating System Starts

If you want the FTP starts automatically after you start the operating system, you can do the following configuration to make it. You can

1, either install CrossFTP Server as a system service,

2, or you can ask the system to run CrossFTP Server after you login

If you are a Windows User:

If you are a Linux/Mac/Unix/Solaris User:

1.5.1 Start CrossFTP Server Aas a System Service

Please check this service page for reference.

1.5.2 Start CrossFTP Server After login

Click the Start Automatically after System Login check box on the main Panel.

1.5.3 Start the server after you login the system

For Mac Users, just choose Open at Login on the Dock icon.

For other users, please configure the session login command to allow CrossFTP server's start. Click the Start Automatically after System Login check box on the main Panel. It will show you the command line to be added to your system's session manager.

Take Gnome as an example, the session manager can be find by [Start] -> [System] -> [Preferences] -> [Sessions]. Click the Start up Programs tab, and add the following command line in it:

javaws -Xnosplash -offline http://crossftp.googlepages.com/crossftpserver.jnlp

2. Understanding and Using Main Interface

2.1 Configuring the Server

When the server is stopped, you can configure the server by pressing button on the main frame. The service configure dialog contains two tabs: the general panel and the security panel. The general panel sets up the general options for the server. The security panel deals with the security (SSL/TLS transfers) aspect of the server.

Confirm the server option changes and close the config dialog.

Cancel the changes, and close the dialog.

Close the config dialog and shows the expert dialog. The expert dialog shows the location of your configuration file, and expert can manually modify this file directly for advanced features. Press Yes to go to the online manual.

2.1.1 General Panel

This panel sets up the general options for the server. Here we list these options one by one:

  • Host - It is the IP address or the domain name that identifies your FTP Server. The IP address is a set of 4 small numbers separated by dots that uniquely identify your computer on the network. Unless you know exactly what IP address you want to use for your FTP server the best answer here is to leave the entry unchanged/blank. This will make CrossFTP Server use whatever IP address(es) is/are available on your PC.
  • Port - It is a special number, typically used to map the network connection to a particular process running on a computer. It has a range of (1-65535) reserved by the sending or receiving application. The default FTP port is 21.
  • Max Login - Maximum simultaneous logins (0 means no limit). The default value is 10.
  • Max Connection - Maximum simultaneous connections (0 means no limit). The default value is 20.
  • Idle Time (sec) - Default idle time in seconds. It is used to close idle data connection and non-logged-in connections. The default value is 60.
  • Idle Timeout (sec) - Polling interval in seconds to disconnect idle users. The default value is 60.

2.1.2 Security Panel

This panel contains the options setting for security related aspect for FTP transfer (SSL/TLS). Secure Sockets Layer ( SSL ) and Transport Layer Security ( TLS ), its successor, are cryptographic protocols which provide secure communications on the Internet for things like FTP.

  • Security - The security type used by the server. The choices are between regular, unencrypted FTP and secure-FTP through the use of SSL/TLS. You need to create your own certificate before using Security features!
    1. Regular FTP only, no SSL/TLS sessions - This is the default, and also the only option if your server is not enabled to use SSL/TLS.
    2. Allow SSL/TLS and regular FTP sessions - This option is also called explicit secure-FTP. The domain will allow regular FTP sessions without encryption as well as encrypted FTP sessions using SSL/TLS. The FTP client determines if it wants the session to be encrypted or not by sending the AUTH SSL / AUTH TLS command to the server to switch to using SSL/TLS.
    3. Allow only SSL/TLS sessions - This option is also called implicit secure-FTP. The domain accepts encrypted FTP sessions only, through the use of SSL/TLS. As soon as the client connects to the server, it will use encryption protocal, and regular FTP sessions are not accepted.
  • Security Protocol - The cryptographic protocols used in the secure FTP transfer. SSL and TLS, its successor, are possible choices.
  • Keystore - This the file to store the certificate file. The default keystore type is JKS (Java keystore), and the default keystore algorithm is SunX509. You need to create your own certificate before using Security features.
  • Keystore password - The password for the Keystore. It is the password you inputted when generating the keystore.

2.1.3 Logging panel

This panel defines the file logging options for the CrossFTP Server. The file logging options are defined in the configuration file <userhome>/.crossftpserver/serverlogging.properties.

  • Enable File Logging - Enable/Disable the file logging system for CrossFTP Server.
  • Log File - The file logging system will write the log to this file. The default value is %h/.crossftpserver/server%u.log. You can use JDK1.4 logger's pattern to define this log file. This pattern consists of a string that includes the following special components that will be replaced at runtime:
    • "/" the local pathname separator
    • "%t" the system temporary directory
    • "%h" the value of the "user.home" system property
    • "%g" the generation number to distinguish rotated logs
    • "%u" a unique number to resolve conflicts
    • "%%" translates to a single percent sign "%"
  • Log Level - specifies the default level for the file logging system. The logs who have lower level than this will not appear in the log file. The levels in descending order are:
    • SEVERE (highest level)
    • WARNING
    • INFO
    • CONFIG
    • FINE
    • FINER
    • FINEST (lowest level)
  • Log File Count - specifies how many output log files to cycle through.
  • Size Limit - specifies an approximate maximum amount to write (in bytes) to any one log file. If this is zero, then there is no limit.

2.1.4 Advanced

  • PASV Port Range - specifies the port range for the PASV command. This allows the router to foward the incoming request for the PASV.
  • External PASV IP Address - specifies the IP address or a domain name for the PASV's displayed IP address. This is useful when the server is behind a router, and its IP viewing by external users is different from IP viewing by internal. In this case, external IP address should be sett to allow external users to access the server.
  • Directory List Encoding - specifies the charactor encoding for the directory LIST. The listed directory content will transferred to the client using this specified encoding.
  • Bonjour (ZeroConf) Service - specifies whether the Bonjour (ZeroConf) service should be enabled when the service is started. Bonjour (ZeroConf) service is a service discovery protocol, which helps the clients to find server's IP address and service type automatically.

2.2 Certificate Generation

You can either use command line keystore tool, or GUI keystore tool to gerenate the certificate Java keystore (JKS).

  • GUI keystore tool

Go to http://portecle.sourceforge.net/ and download the portecle GUI keystore tool. Create a new JKS type keystore in this tool, and then generate a keypair in this keystore. Save it and remember your password. That's it.

  • Command line keystore tool

Please go to your JAVA_HOME\bin, and execute the following command. The capitalized words are the parameters you need to change.

keytool -genkey -validity YOUR_CERTIFICATE_VALID_DAYS -keystore YOUR_CERTICIATE_FILE_NAME -keyalg rsa -alias YOUR_ALIAS -storepass YOUR_PASSWORD -keypass YOUR_PASSWORD

For example, if you want to create a new certificate, which will expire in 100 days, the certificate file name is cert, alias is bob, the password is mary, then you can create this certificate by following command:

keytool -genkey -validity 100 -keystore cert -keyalg rsa -alias bob -storepass mary -keypass mary

2.3 Users Management

This panel controls the users account used in the CrossFTP Server. It shows all the users defined in the current FTP domain. You can add or delete the user acccount, update the account configuration, or reload the account configuration file from the disk.

Save the modified changes for the selected user's account.

Add a new user account for the FTP Server, and the default user's password is the same as the user account name.

Delete the selected user's account.

It should be used only for Experts. If you modified the user configuration file, you can reload the users' account definition by this.

Here we list the user account's configuration areas:

  • Name - The account name of the user.
  • Pasword - The password of the user account. If you have no idea what password to use, you can user the button to create a safe password.
  • Retype Password - Type the password again.
  • Set password - If you want to save the new password, please toggle this check box and press the Save button.
  • Root directory - It is where the login users stayed at on FTP server. For security considerations, please do NOT use the <userhome> or its parent directory as the Root directory, since this will leak important configuration files located at <userhome>/.crossftpserver/. Normally you can create a sepcific FTP_ROOT directory under your <userhome> directory as your FTP Root direcotry.
    • On windows, the <userhome> directory normally points to "c:\Documents and Settings\USER_NAME", where USRE_NAME is your system's login name.
    • On Linux/Mac, the <userhome> direcotory points to "\home\USER_NAME", where USER_NAME is your system's login name.
    • If you are not sure which directory is your <userhome>, open the server config dialog, click the button, it will show the program's main configuration file as <userhome>/.crossftpserver/xxx.property
  • Enabled - Whether the user account is enabled or not in the FTP server. FTP users can login enabled user accounts only.
  • Write Permission - Whether the selected user account can upload/create/remove the files/directories on the FTP. Check this item only for the users who should upload/create/remove the files/directories.
  • Max. Login Number - The maximum login number allowed for this user account. Zero or less means no limit.
  • Max. Login from Same IP - The maximum login number allowed from the same IP address when using this user account. Zero or less means no limit.
  • Max. Idle Time (seconds) - The maximum idle time in seconds. Zero or less idle time means no limit.
  • Max. Upload (bytes/sec) - The maximum user upload rate in bytes/sec. Zero or less means no limit.
  • Max. Download (bytes/sec) - The maximum user download rate in bytes/sec. Zero or less means no limit.

2.4 IP Restrictor

This panel allows you to restrict access to your CrossFTP Server by IP address.

Add an IP restrict rule at the end of the rule list.

Insert an IP restrictor rule in front of the selected rule item.

Remove the selected IP restrict rule.

Move up the selcted IP restrict rule.

Move down the selcted IP restrict rule.

Save the changes made on the IP restrict rules.

Reload the IP restrict rules from the configuration file. This is for expert only.

You can edit the IP address' pattern in the rule by click on the rule body and do the modification. Click on the "permit" checkbox to specify the rule as a "permit" or "unpermit". IP addresses can be specified with wild cards. The following special characters may be used.

  • * : A star functions as a wildcard for checking the IP address. Any name or number will match that section of the rule if it is a star.
  • ? : The question mark '?' character functions as a wildcard for a single character.
  • [-] : The hyphen '-' character functions as a range in an IP address.

The order of the rules is important. When a client contacts the server, the rules are evaluated from top to bottom in the list of rules. The first matching rule applies and evaluation is stopped. If there is no match, the client is allowed to access the server.

2.5 Messages

This panel shows the CrossFTP's return messages for the FTP client. Click the message list, and the message content will be shown on the right panel. You can choose and specify the message language. The default is the English messages. Press Save to save the modifications. Reload will load the messages definition from the message configuration file.

Dynamic Values

Dynamic values can be embedded in the server message replies. User can specify different variables in message strings. Variables are represented by {variable} in the string.

Variable Name Description
server.ip Server IP address.
server.port Server port.
client.ip Client IP address.
client.con.time Client connection time. The date format is yyyy-MM-dd'T'HH:mm:ss (ISO8601).
client.login.time Client login time. The date format is yyyy-MM-dd'T'HH:mm:ss (ISO8601).
client.login.name User login name. If the user has not passed the login name, it will be null.
client.access.time Client last access time. The date format is yyyy-MM-ddTHH:mm:ss (ISO8601).
client.home User home directory.
client.dir User current directory.
request.line User request line.
request.cmd User FTP command.
request.arg User request argument. If there is no argument it will be null.
stat.start.time Server start time. The date format is yyyy-MM-ddTHH:mm:ss (ISO8601).
stat.con.total Total number of connections after server startup.
stat.con.curr Current connection number.
stat.login.total Total number of logins after server startup.
stat.login.curr Current login number.
stat.login.anon.total Total number of anonymous logins after server startup.
stat.login.anon.curr Current anonymous login number.
stat.file.upload.count Total number of files uploaded.
stat.file.upload.bytes Total number of bytes uploaded.
stat.file.download.count Total number of files downloaded
stat.file.download.bytes Total number of bytes downloaded
stat.file.delete.count Total number of files deleted.
stat.dir.create.count Total number of directories created.
stat.dir.delete.count Total number of directories removed.
output.code FTP Server 3 digit reply code.
output.msg Basic core message which has to be available in the message.

 

2.6 Connections

This panel shows the current user connections on the server. You can disconnect the selected connection, or spy on the selected connection.

2.7 Spy

This panel displays the spying connection's issued FTP commands.

2.8 File

This panel displays the uploaded/downloaded/deleted files of the CrossFTP server. Press button to reset the information.

2.9 Directories

This panel shows the created/removed directories of the CrossFTP server. Press button to reset the information.

2.10 Log

CrossFTP Server uses Commons Logging throughout to allow the developer to choose a logging configuration that suits their needs, e.g java.util.logging or Log4J. All the log messages are displayed in this CrossFTP server panel as well. The default loggin level is INFO.

2.11 Statistics

CrossFTP Server shows the collected statistics on this panel, for instance, the Server's start time, total logins, current connections, current logins, and so on. Press reload button to refresh the statistics information.

3. Manual Configuration

3.1 Server Configuration

The default CrossFTP server configuration file is located at <userhome>/.crossftpserver/. This section explains the FTP Server configuration parameters. The more detailed description is available here.

Configuration Parameter Description
config.socket-factory.class The socket factory class
  • org.apache.ftpserver.socketfactory.FtpSocketFactory : Plain socket - supports explicit SSL/TLS connection (AUTH SSL/TLS)
  • org.apache.ftpserver.socketfactory.SSLFtpSocketFactory : implicit SSL/TLS socket
config.socket-factory.address FTP server address
config.socket-factory.port FTP server port
config.socket-factory.ssl.keystore-file Keystore file location. The default path is <userhome>/.crossftpserver/.keystore
config.socket-factory.ssl.keystore-password Keystore password. The default value is password.
config.socket-factory.ssl.keystore-type Keystore type. The default value is JKS.
config.socket-factory.ssl.keystore-algorithm Keystore algorithm. The default value is SunX509.
config.socket-factory.ssl.ssl-protocol SSL protocol. The default value is TLS.
config.socket-factory.ssl.client-authentication Client authentication. The default value is false.
config.socket-factory.ssl.key-password Key password. The default value is password.
config.data-connection.idle-time Maximum data connection idle time in second. 0 means no limit. The default value is 10.
config.data-connection.active.enable PORT data connection enabled. The default value is true.
config.data-connection.active.local-address The localhost address used when local port specified in active data transfer.
config.data-connection.active.local-port The local port to be used during active data transfer. According to the specifications, it should be 20. The default value is 0. It means that any free port will be used.
config.data-connection.active.ip-check Check the PORT IP with the client IP. The default value is false.
config.data-connection.passive.address FTP passive (PASV) address The default value is localhost.
config.data-connection.passive.ports Allowed passive ports (comma separated). 0 means any free port. The default value is 0.
config.data-connection.ssl.keystore-file Keystore file location. The default value is <userhome>/.crossftpserver/.keystore
config.data-connection.ssl.keystore-password Keystore password. The default value is password.
config.data-connection.ssl.keystore-type Keystore type. The default value is JKS.
config.data-connection.ssl.keystore-algorithm Keystore algorithm. The default value is SunX509.
config.data-connection.ssl.ssl-protocol SSL protocol. The default value is TLS.
config.data-connection.ssl.client-authentication Need client authentication? The default value is false.
config.data-connection.ssl.key-password Key password. The default value is password.
config.create-default-user Flag to indicate whether the standard users (admin and anonymous) will be created by default if not found. The admin user password will be same as admin user name. The default value is false.
config.message.class org.apache.ftpserver.message.MessageResourceImpl
config.message.custom-message-dir The directory where user defined custom FTP server replies will be stored. The default value is <userhome>./crossftpserver
config.message.languages Comma separated values of all the languages supported. The default value is null.
config.connection-manager.max-connection Maximum simultaneous connections (0 means no limit). The default value is 20.
config.connection-manager.max-login Maximum simultaneous logins (0 means no limit). The default value is 10.
config.connection-manager.anonymous-login-enabled Flag to indicate annonymous login support. By default the server allows anonymous connections. That is the default value is true.
config.connection-manager.max-anonymous-login Maximum anonymous simultaneous logins (0 means no limit). Should be less than or equal to the maximum number of simultaneous logins. It will not be used if the sever does not allow anonymous login. The default value is 10.
config.connection-manager.default-idle-time Default idle time in seconds. It is used to close idle data connection and non-logged-in connections. The default value is 60.
config.connection-manager.timeout-poll-interval Polling interval in seconds to disconnect idle users. The default value is 60.
config.command-factory.command.command-name Command name and fully qualified command implementation class name mapping. The default implementations are already set in the server. You can overwrite or add your own command implementations.
config.ip-restrictor.class IP restrictor implementation - org.apache.ftpserver.iprestrictor.FileIpRestrictor
config.ip-restrictor.file The file where IP restriction information will be stored. The default is <userhome>/.crossftpserver/ip.gen
config.user-manager.class The user manager implementation class.
  • org.apache.ftpserver.usermanager.PropertiesUserManager - Properties file based defaul user manager class.
  • org.apache.ftpserver.usermanager.DbUserManager - Database based user manager class.
  • org.apache.ftpserver.usermanager.LdapUserManager - Ldap based user manager class.
config.user-manager.admin FTP server administrator name. It is used in properties, database and LDAP based user managers. The default value is admin.
config.user-manager.prop-file The properies file location - used in properties file based user manager. The default value is <userhome>/.crossftpserver/user.gen
config.user-manager.prop-password-encrypt Flag to indicate whether the encrypted password will be stored in the properties file. It is used in properties file based user manager. The default value is true.
config.user-manager.jdbc-driver JDBC driver class name - used in database based user manager.
config.user-manager.jdbc-url JDBC URL used in database based user manager.
config.user-manager.jdbc-user Database user used in database based user manager. The default value is null.
config.user-manager.jdbc-password Database password - used in database based user manager. The default is null.
config.user-manager.sql-user-insert SQL INSERT statement used to add a new user. All the dynamic values will be replaced during runtime. Sample query: INSERT INTO FTP_USER (uid, userpassword, homedirectory, enableflag, writepermission, idletime, uploadrate, downloadrate) VALUES ('{uid}', '{userpassword}', '{homedirectory}', '{enableflag}', '{writepermission}', {idletime}, {uploadrate}, {downloadrate})
config.user-manager.sql-user-update SQL UPDATE statement used to update an existing user. All the dynamic values will be replaced during runtime. Sample query: UPDATE FTP_USER SET userpassword='{userpassword}', homedirectory='{homedirectory}', enableflag='{enableflag}', writepermission='{writepermission}', idletime={idletime}, uploadrate={uploadrate}, downloadrate={downloadrate} WHERE uid='{uid}'
config.user-manager.sql-user-delete SQL DELETE statement used to delete an existing user. All the dynamic values will be replaced during runtime. Sample query: DELETE FROM FTP_USER WHERE uid = '{uid}'
config.user-manager.sql-user-select SQL SELECT statement used to select an existing user. All the dynamic values will be replaced during runtime. Sample query: SELECT uid, userpassword, homedirectory, enableflag, writepermission, idletime, uploadrate, downloadrate FROM FTP_USER WHERE uid = '{uid}'
config.user-manager.sql-user-all SQL SELECT statement used to select all user ids. All the dynamic values will be replaced during runtime. Sample query: SELECT uid FROM FTP_USER ORDER BY uid
config.user-manager.sql-user-authenticate SQL SELECT statement used to authenticate user. All the dynamic values will be replaced during runtime. Sample query: SELECT uid FROM FTP_USER WHERE uid='{uid}' AND userpassword='{userpassword}'
config.user-manager.sql-user-admin SQL SELECT statement used to find whether an user is admin or not. All the dynamic values will be replaced during runtime. Sample query: SELECT uid FROM FTP_USER WHERE uid='{uid}' AND uid='admin'
config.user-manager.ldap-url LDAP URL (eg. ldap://localhost:389)
config.user-manager.ldap-admin-dn LDAP administrator (eg. cn=Directory Manager)
config.user-manager.ldap-admin-password LDAP administrator password
config.user-manager.ldap-authentication LDAP server authentication type. The default value is simple.
config.user-manager.ldap-user-base-dn LDAP server root where all users are stored (eg. ou=people,o=yoursite.com).
config.file-system-manager.class File system manager implementation class - org.apache.ftpserver.filesystem.NativeFileSystemManager
config.file-system-manager.create-home Flag to indicate whether user home directory will be created if not exists.
config.ftplets Comma separated ftplet names.
config.ftplet. name .class For each ftplet there must be one configuration parameter. This is ftplet implementation class.
config.ftplet. name.param Each ftplet can have its own configuration parameters.

 

3.2 User Management

The default user management uses the user property file to store all the user information. For the more detailed description, please refer to this.

Parameter Description
uid user account identity.
userpassword password of the user account.
homedirectory home directory.
enableflag whether the user account is enabled.
writepermission whether the user account has the write permission.
maxloginnumber maximum login number allowed for this user account. Zero or less idle time means no limit.
maxloginperip maximum login number allowed from the same IP address when using this user account. Zero or less idle time means no limit.
idletime maximum idle time in seconds. Zero or less idle time means no limit.
uploadrate maximum user upload rate in bytes/sec. Zero or less means no limit.
downloadrate maximum user download rate in bytes/sec. Zero or less means no limit.

Property file's configuration parameters:

Configuration Parameter Description
config.user-manager.class org.apache.ftpserver.usermanager.propertiesUserManager
config.user-manager.admin Admin user name. The default value is admin.
config.user-manager.prop-file The properties file location. The default value is <userhome>/.crossftpserver/user.gen
config.user-manager.prop-password-encrypt It indicates whether the password will be stored in encrypted for or not. The default value is true.

RDBMS Support :

Configuration Parameter Description
config.user-manager.class org.apache.ftpserver.usermanager.DbUserManager
config.user-manager.admin FTP server administrator name. The default value is true.
config.user-manager.jdbc-driver JDBC driver class name.
config.user-manager.jdbc-url JDBC URL
config.user-manager.jdbc-user Database user. The default value is null.
config.user-manager.jdbc-password Database password. The default value is null.
config.user-manager.sql-user-insert SQL INSERT statement used to add a new user. All the dynamic values will be replaced during runtime. Sample query: INSERT INTO FTP_USER (uid, userpassword, homedirectory, enableflag, writepermission, idletime, uploadrate, downloadrate) VALUES ('{uid}', '{userpassword}', '{homedirectory}', '{enableflag}', '{writepermission}', {idletime}, {uploadrate}, {downloadrate})
config.user-manager.sql-user-update SQL UPDATE statement used to update an existing user. All the dynamic values will be replaced during runtime. Sample query: UPDATE FTP_USER SET userpassword='{userpassword}', homedirectory='{homedirectory}', enableflag='{enableflag}', writepermission='{writepermission}', idletime={idletime}, uploadrate={uploadrate}, downloadrate={downloadrate} WHERE uid='{uid}'
config.user-manager.sql-user-delete SQL DELETE statement used to delete an existing user. All the dynamic values will be replaced during runtime. Sample query: DELETE FROM FTP_USER WHERE uid = '{uid}'
config.user-manager.sql-user-select SQL SELECT statement used to select an existing user. All the dynamic values will be replaced during runtime. Sample query: SELECT uid, userpassword, homedirectory, enableflag, writepermission, idletime, uploadrate, downloadrate FROM FTP_USER WHERE uid = '{uid}'
config.user-manager.sql-user-all SQL SELECT statement used to select all user ids. All the dynamic values will be replaced during runtime. Sample query: SELECT uid FROM FTP_USER ORDER BY uid
config.user-manager.sql-user-authenticate SQL SELECT statement used to authenticate user. All the dynamic values will be replaced during runtime. Sample query: SELECT uid FROM FTP_USER WHERE uid='{uid}' AND userpassword='{userpassword}'
config.user-manager.sql-user-admin SQL SELECT statement used to find whether an user is admin or not. All the dynamic values will be replaced during runtime. Sample query: SELECT uid FROM FTP_USER WHERE uid='{uid}' AND WHERE uid='admin'

LDAP support:

Configuration Parameter Description
config.user-manager.class org.apache.ftpserver.usermanager.LdapUserManager
config.user-manager.admin FTP server administrator name. This is not LDAP administrator. It is the FTP server administrator. The default value is admin.
config.user-manager.ldap-url LDAP URL (eg. ldap://localhost:389)
config.user-manager.ldap-admin-dn LDAP administrator (eg. cn=Directory Manager)
config.user-manager.ldap-admin-password LDAP administrator password
config.user-manager.ldap-authentication LDAP server authentication type. The default value is simple.
config.user-manager.ldap-user-base-dn LDAP server root where all users are stored (eg. ou=people,o=yoursite.com).