Introduction
At my current project incoming data files, located at a third party FTP server, have to be read using SFTP.
Despite of several blog posts and the FTP Adapter documentation of Oracle, it took us a full day to get a working SFTP configuration. I use this blogpost to document this for myself in case I have to do it again, and for others who need to do (about) the same.
Prerequisite
First of all start with ensuring that no firewall is blocking traffic from the weblogic server to the FTP server using the specified SFTP port (default this is 22). On a linux (or unix) server you can verify this by opening a command prompt on the weblogic server (eg. with Putty) and use command “ssh “.
SFTP Configuration
Two configuration steps are required now:
A. Create a private and public key file
B. Add a FTP Adapter Outbound Configuration for SFTP
A. Create a private and public key file (linux/unix):
- Log in with a command prompt as the oracle user (the user under which weblogic runs) on the weblogic server
- Navigate to the .ssh directory under the user home directory:
- Generate a public and private key with ssh-keygen (and accept defaults): (4 x Enter).
Two files are created: id_rsa and id_rsa.pub - Add the public key to the ‘autorized keys’:
In a production environment these files should be write protected (even for the oracle account itself).
B. Add a FTP Adapter Outbound Configuration for SFTP:
- Log in with admin privileges on the weblogic console
- Click on “Deployments” (second item in menu on left side of page)
- Search in the list of deployments for the “FtpAdapter” (you may have to navigate to the next page with “Next”) and click on its name (it’s a link): (hint: Customize this table -> Number of rows 100 -> Apply)
- Select tab “Configuration” and its subtab “Outbound Connection Pools”
- Expand “javax.resource.cci.ConnectionFactory” by clicking on the + icon :
- We’re going the make configuration changes, so create a session with button “Lock & Edit” (upper top left of screen)
- De button “New” is enabled. Click on it.
- Select the only option “javax.resource.cci.ConnectionFactory” and click “Next”
- Enter a descent JNDI name, e.g. eis/Ftp/TimeCardsSftp (Be precise! This name is used in the software to connect)
- Click on “Finish”
- Expand “javax.resource.cci.ConnectionFactory” again
- Click on the outbound connection you’ve just created, e.g. on eis/Ftp/TimeCardsSftp.
We’re going the change some properties.
Attention! The UI is a little awkward. Be sure to use the ENTER button after changing a property otherwise the change will not be saved! Unfortunately this causes the UI to navigate back to the first property page 🙁
Property adjustments (different from default values):
<host name or ip address of ftp server>
<password of ftp account>
<path to private key file> e.g.
<username of ftp account>
(below this post you can find screenprints of all the properties) - Now press button “Save” to store these settings in the deployment plan of the FtpAdapter.
(The first you’re asked in which file these settings has to be saved. My advise is to rename Plan.xml to a more descriptive name, e.g. FtpAdapterPlan.xml) - The FtpAdapter has to be redeployed with these new settings. Go back to the list of “Deployments”.
(second item in menu on left side or use the ‘breadcrumbs’ in top of page) - Do NOT click on the FtpAdapter, but select it!
- Click on button “Update” (on top or button of list)
- Accept the already chosen option “Redeploy this application using the following deployment files” and click on button “Finish”
- Finally you have to activate these changes by clicking on button “Release Configuration” (upper left top of page)
Resources
- https://docs.oracle.com/cd/E23943_01/integration.1111/e10231/adptr_file.htm#TKADP411
- http://hcgupta.blogspot.nl/2013/03/configuring-ftp-adapter-in-soa-11g-for.html
Screenprints of all properties set
(values for host, username and password have been made unreadable)
Hey,Ithink you’re doing here an authentification with password. So no need for generating public and private key.
Thanks very much, it was of great help
Hi Emiel,
Is it possible without creating private and public key file?
I mean we will just do a protocol switch by setting the parameter useSftp = true.
Will this work?
We could see that we could write but not read.We were wondering why.
Any lead will help!
TIA.
Rgds,
Deb
Nice work emiel.