Solved: trying a sftp connection via java callout

pratyush_mohapa · 01-22-2018 07:15 AM

Hi,

I'm trying to execute a java callout to connect to a sftp server. I'm using com.jcraft.jsch.JSch jar for connecting to the server. I did some trial and error and found that the callout is failing as i'm initializing the obect JSch jsch = new JSch();

There are no logs that i can provide here. Sample code that i have used is below:

JSch jsch = new JSch();

String knownHostsFilename = "/home/username/.ssh/known_hosts";
jsch.setKnownHosts( knownHostsFilename );

Session session = jsch.getSession( "remote-username", "remote-host" );    
{
  // "interactive" version
  // can selectively update specified known_hosts file 
  // need to implement UserInfo interface
  // MyUserInfo is a swing implementation provided in 
  //  examples/Sftp.java in the JSch dist
  UserInfo ui = new MyUserInfo();
  session.setUserInfo(ui);

  // OR non-interactive version. Relies in host key being in known-hosts file
  session.setPassword( "remote-password" );
}

session.connect();

Channel channel = session.openChannel( "sftp" );
channel.connect();

ChannelSftp sftpChannel = (ChannelSftp) channel;

sftpChannel.get("remote-file", "local-file" );
// OR
InputStream in = sftpChannel.get( "remote-file" );
  // process inputstream as needed

sftpChannel.exit();
session.disconnect();

DChiesa

It's possible that constructor is doing something that Apigee Edge prohibits. If so your code would see a permissions exception and you'd be able to catch it and set a context variable containing the stack trace.

To avoid the limitation, I suggest doing the FTP bit in something like nodejs. Is that feasible?

View solution in original post

DChiesa

It's possible that constructor is doing something that Apigee Edge prohibits. If so your code would see a permissions exception and you'd be able to catch it and set a context variable containing the stack trace.

To avoid the limitation, I suggest doing the FTP bit in something like nodejs. Is that feasible?

henryhpan

Saluting Dino from Denver,

The security policy demand for SFTP, so would you please advice another work around? Is there more recent file transfer protocol better than SFTP?

Thanks in advance

Henry Pan (HP)

henry.h.pan@accenture.com

dchiesa1

I don't know of a workaround that allows Apigee to connect to an SFTP endpoint. I've never done that and I don't suppose the Java callout is the right mechanism for doing it. Perhaps a better option would be to build an app that can do that bridging? Hosted Targets (uses nodejs) might be an option. You would need to build that yourself. (maybe starting here)

Or in some other way, expose the thing that is being served via an HTTPS endpoint. Maybe Google Cloud Storage, for example, and use a signedurl for security.

Or build an App Engine app that is implemented in Java and does the SFTP thing.

That's what I would try. a Java callout will not be the right place to implement an SFTP client.

nithyabalusamy

As it fails in the line JSch jsch =new JSch(), try importing the required jsch jar in resources/scripts section in your proxy/environment/organisation. If you have required jar already in place, then click on the small rectangle shape icon 'Error' right after your javacallout policy in trace, to understand the root cause

henryhpan

Saluting Dino again for your sound advice.

Cheers

HP