如何使用 Camel FTP 处理“主机尝试数据连接 xxxx 与服务器 yyyy 不同”错误?
[英]How to handle "Host attempting data connection x.x.x.x is not the same as server y.y.y.y" error with Camel FTP?
问题描述
I'm trying to send a file to a third party ftp server (hosted by Amazon it would appear) with a Camel FTP Producer, and am having an issue where I am getting Writing File failed with: File operation failed... Host attempting data connection xxxx is not the same as server yyyy which I've not seen before.
我正在尝试使用 Camel FTP Producer 将文件发送到第三方 ftp 服务器(由 Amazon 托管,它会出现),并且遇到了一个问题,我正在Writing File failed with: File operation failed... Host attempting data connection xxxx is not the same as server yyyy我以前从未见过的Writing File failed with: File operation failed... Host attempting data connection xxxx is not the same as server yyyy 。
The producer is configured to be in passive mode, and according to the logs at TRACE level, this is enabled.生产者被配置为被动模式,根据TRACE级别的日志,这是启用的。 (Although the error message sounds like it would relate more to an active mode issue) (虽然错误消息听起来更像是与活动模式问题有关)
The yyyy IP address is one of those listed by nslookup for the target domain, so that bit makes sense. yyyy IP 地址是 nslookup 为目标域列出的 IP 地址之一,因此该位是有意义的。 However, the xxxx IP relates to a different Amazon hosting server, and so I presume some sort of hand-off or load-balancing has been performed, and the FTP client doesn't like that.但是, xxxx IP 与不同的 Amazon 托管服务器有关,因此我假设已经执行了某种切换或负载平衡,而 FTP 客户端不喜欢那样。
Is there some way of configuring Camel FTP to allow this (I'm presuming this is a security feature), or should passive mode allow this anyway?是否有某种方法可以配置 Camel FTP 以允许这样做(我假设这是一个安全功能),还是被动模式应该允许这样做?
I have no influence with the ftp server provider, so unfortunately I can't change anything but my client options.我对 ftp 服务器提供商没有影响,所以很遗憾,除了我的客户端选项之外,我无法更改任何内容。
Thanks for looking!感谢您的关注!
1 个解决方案
解决方案1
6 已采纳 2019-08-23 10:10:46
After some digging, and grepping the source code for Apache Commons FTP, the message in question is caused by a validation in the client which checks that the passive mode connection is the same as the initial server connection.在对 Apache Commons FTP 的源代码进行一些挖掘和 grep 之后,有问题的消息是由客户端中的验证引起的,该验证检查被动模式连接是否与初始服务器连接相同。
Given that this appears to be a load-balanced system, the passive mode data connection is a different IP from the target IP, and this fails the validation.鉴于这似乎是一个负载平衡系统,被动模式数据连接是与目标 IP 不同的 IP,因此验证失败。
It can be fixed using Camel FTP by creating a specific instance of the FTPClient and setting remove verification off.可以使用 Camel FTP 通过创建 FTPClient 的特定实例并将删除验证设置为关闭来修复它。
FTPClient ftp = new FTPClient();
ftp.setRemoteVerificationEnabled(false);
registry.put("FTPClient", ftp);
and then referencing this object in the URI for FTP然后在 FTP 的 URI 中引用此对象
ftp://user@host:21/path?password=xxxx&passiveMode=true&tempPrefix=part.&ftpClient=#FTPClient
Clearly, by disabling this remote verification test you are making yourself more vulnerable to the FTP data being redirected or intercepted and your data being sent somewhere you didn't intend, but I guess if you're worried about that you wouldn't be using still be using unencrypted FTP in the first place.显然,通过禁用此远程验证测试,您会使自己更容易受到被重定向或拦截的 FTP 数据以及您的数据被发送到您不想要的地方的影响,但我想如果您担心自己不会使用首先仍然使用未加密的FTP。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.