The FTP and FTPS protocol server node should be usable by any client with the appropriate client tools. The problem with FTP is that it transmits passwords unencrypted. If the Content Services FTP protocol server were to prompt for and validate the users’ Oracle Internet Directory Single Sign-On passwords, the whole security structure would be blown apart; a malicious user could monitor the network traffic, intercept a user’s username and password as transmitted with an FTP connection request, and then use them to access the user’s complete Oracle Collaboration Suite environment, and indeed any other Single Sign-On–enabled applications.
This is a problem with the FTP protocol. To counter this, before a user can connect to an FTP protocol server, he must create a separate FTP password. It is this password, not his Single Sign-On password that he must provide when using FTP with Content Services. The FTP password is stored within the Oracle Internet Directory and has no other purpose.
The WebDAV protocol, layered on top of HTTP, lets users lock documents when they download them. It is also possible to enable versioning, so that saving the document back to the server will create a new version while retaining the previous version. This functionality is not available with FTP. To use WebDAV, users need an appropriate client.Probably the most commonly used WebDAV-capable client is Windows XP Explorer, through the My Network Places desktop icon.
No comments:
Post a Comment