You can control the authentication to a TCP/IP application server with the TCP/IP Application Server Logon exit point. This exit point allows FTP server access based on the originating session's address. It also allows you to specify an initial working directory that is different from those that are in the user profile.
When you add an exit program to the exit point,
the FTP server calls the logon exit program each time a user attempts to log on. The exit program sets the return code output parameter to indicate whether the FTP server will continue the logon operation. Alternate return code settings are available for processing the logon, and initializing directory information.
Notes:
- There can be only one exit program registered for the FTP server logon exit point. You must decide which of the three exit point formats you want to use.
- For the FTP application, this exit point provides the capability to implement anonymous FTP, including the information required to log and control access.
- For all character parameters in exit point formats TCPL0100 and TCPL0200,
and all character parameters without an associated CCSID in exit point format TCPL0200: Character data passed to the exit program is in the CCSID of the job. If the job CCSID is 65535, the character data is in the default CCSID of the job. Any character data that is returned by the exit program in these parameters is expected to be in this same CCSID.
Server logon exit program for anonymous FTP
For anonymous FTP, write the FTP server logon program to perform the following functions:
- Accept logons from user ID ANONYMOUS.
- Request an e-mail address as a password. It is customary to require a valid e-mail address for the password. The valid e-mail address is misleading because the exit program only verifies if there is an @ symbol in the middle of a string of alphanumeric characters. This is why it is important to log the user's IP address.
- Check for the @ symbol in the password string.
- Force ANONYMOUS users to your public access library only. See return code 3 of parameter 8 for TCPL0200 Format).
What your program should include:
- Exception handling
- Debugging
- Logging
- Log the IP address and e-mail address (sent as a password) of the FTP requester.
Is there an exit program timeout feature?
There is no time-out for FTP exit programs. If the exit program has an error or exception that it cannot handle, the FTP server will abort the session.
QTCP needs authority
When the application calls the FTP server logon exit program, the FTP server job is running under the QTCP user profile.
Make sure that QTCP has sufficient authority to access and write to any log files or other satellite files associated with the exit programs.
Example programs
Example programs are available to help you set up anonymous FTP on your system. These examples are for illustration purposes. They do not contain enough features to run on a production machine as is. You can use these examples as a starting point to build your own programs. By copying portions of the code from the examples,
you can add them to programs that you write yourself. It is suggested that you run the example programs on a system other than your production system.
- Example: FTP Server Logon exit program in CL code
This is an example of a simple File Transfer Protocol (FTP) Server Logon exit program. It is written in control language (CL).
- Example: FTP server logon exit program in C code
This is an example of a simple File Transfer Protocol (FTP) Server Logon exit program. It is written in C programming language.
- Example: FTP server logon exit program in ILE RPG code
This is an example of a simple File Transfer Protocol (FTP) Server Logon exit program. It is written in ILE RPG.
- TCPL0100 exit point format
The exit point for File Transfer Protocol (FTP) Server Logon is QIBM_QTMF_SVR_LOGON. The exit point for Remote Execution Protocol (REXEC) Server Logon is QIBM_QTMX_SVR_LOGON. TCPL0100 is one of the interfaces that controls the parameter format for these exit points. This topic discusses the parameters of the TCPL0100 exit point format.
- TCPL0200 exit point format
The exit point for File Transfer Protocol (FTP) Server Logon is QIBM_QTMF_SVR_LOGON. TCPL0200 is one of the interfaces that controls the parameter format for these exit points. This topic discusses the parameters of the TCPL0200 exit point format.
- TCPL0300 exit point format
The exit point for File Transfer Protocol (FTP) Server Logon is QIBM_QTMF_SVR_LOGON. The exit point for Remote Execution Protocol (REXEC) Server Logon is QIBM_QTMX_SVR_LOGON. TCPL0300 is one of the interfaces that controls the parameter format for these exit points. This topic discusses the parameters of the TCPL0300 exit point format.
Parent topic:
File Transfer Protocol exit programs
Related concepts
Controlling File Transfer Protocol access Managing access using File Transfer Protocol exit programs Configuring anonymous File Transfer Protocol Determining problems with File Transfer Protocol