Page History

Table of Contents

Authentication methods

The JADE YADE Client provides a number of authentication methods.These are specified in the Fragments branch of the XSD Schema at the end of various ProtocolFragments branches in the schema. This is because the authentication method(s) that can be used as for a connection depend on the protocol used.

Note that any number of ProtocolFragments can be specified within a configuration, allowing a number of authentication methods to be predefined for a particular file transfer operation. The AlternativeFragments element can be used to specify a number of alternative connections and authentication methods for a file transfer profile.

The protocol-dependency of the various authentication methods is integrated into the XSD Schema and explains why authentication methods lie below ProtocolFragments in the XML hierarchy. This integration in the Schema ensures that the only authentication methods that are supported by a protocol can be specified.The authentication methods that are supported are:

• BasicAuthentication:
  • an Account (i.e. user name) is required
  • AND an optional Password
  • BasicAuthentication can be used with the following protocol fragments:
    • FTP FTPFragment and FTPS fragments  FTPSFragment 
    • HTTP HTTPFragment and HTTPS fragments HTTPSFragmentWebDAV fragments
    • WebDAVFragment
  • Note that BasicAuthentication requires that the Passwords are  is stored in the configuration files, bringing a.
  • The Simple File Transfer with Basic Authentication article describes the considerations behind an example with BasicAuthentication. The configuration file for this example is available as a working download.
• SSHAuthenticationSSHAuthentication:
  • an Account (i.e. user name) is required
  • AND either:
    • AuthenticationMethodPassword with a (required) Password
    • OR AuthenticationMethodPublickey
      • with a (required) AuthenticationFile location
      • AND an optional Passphrase that protects the Filefile
  • SSHAuthentication can be used with with the following protocol fragments:
    • SFTPFragment 
    • SFTP fragments 
    jump fragments
    • JumpFragment
  • The File Transfer with SSH authentication article describes the considerations behind an example with SSHAuthentication. The configuration file for this example is available as a working download.
• SMBAuthentication (in conjunction with SMBFragment elements / the SMB protocol and a Hostmane Hostname)
  • an Account (i.e. user name) is required
    
    • AND an optional Domain
    • AND an optional Password
  • SMBAuthentication can only be used with with the SMB protocol fragment.

Specifying Authentication Methods

Authentication methods are specified in the Fragments elements of the XSD Schema at the end of various ProtocolFragments branches in the schema. This is because the authentication method(s) that can be used as for a connection depend on the protocol used. This hierarchy is shown schematically below:

• Fragments
  • ProtocolFragments
    • FTPFragment
      • BasicConnection
      • BasicAuthentication
        • Account
        • Password (optional)
    • FTPSFragment
      • BasicConnection
      • BasicAuthentication
        • Account
        • Password (optional)
    • HTTPFragment
      • etc ...
    • etc ...

The protocol-dependency of the various authentication methods is integrated into the schema and explains why authentication methods lie below ProtocolFragments in the XML hierarchy. This integration in the schema ensures that the only authentication methods that are supported by a protocol can be specified.

Note that any number of ProtocolFragments can be specified within a configuration, allowing a number of authentication methods to be predefined for a particular file transfer operation. The AlternativeFragments element can be used to specify a number of alternative connections and authentication methods for a file transfer profile.

Optional Authentication-Related Elements

Note that the following additional authentication elements can be optionally specified:

Proxies

Proxies can be specified for each connection in the relevant connection fragment. For example, the ProxyForFTP element is specified as a child of the FTPFragment.

Alternative Connections

Alternative protocols and thereby alternative authentication methods can be specified using the AlternativeFragments element.

This element is used to define a series of connections that are tried one after the other in the event of a primary connection not being available.

Strict Host Key Checking

• StrictHostkeyChecking can be specified for some protocol fragments SFTPFragments and JumpFragments to provide maximum security against Trojan horse attacks.

Untrusted Certificates

• AcceptUntrustedCertificate can be used to allow self-signed certificates to be accepted with FTPSFragments, HTTPSFregments and WebDAVFragments.

Authentication using the SOS Credential Store

JADE YADE can use the SOS Credential Store to securely access authentication credentials. StatuscolourYellowtitleADD Link to CS