File/FTP, JDBC, JMS, and Mail Adapters

The adapters in this section have one feature in common: the external protocol provides a fairly generic data store. On the inbound side, data is read from this store and transformed into an XI message; on the outbound side, the data contained in an XI message is written to it.

The data stores and access protocols for the particular adapters are as follows:

| | File | FTP | JDBC | JMS | Mail |
|---|---|---|---|---|---|
| Data store | NFS file system | FTP server | JDBC database | JMS queuing system | Mail server |
| Access protocol | Specific to operating system or file system. May use operating system functions to secure access. | FTP/FTPS. Secure FTP (FTPS) should be used if possible. | Specific to JDBC database provider. Access should be secured if supported by the provider. | Specific to JMS queuing system provider. Access should be secured if supported by the provider. | IMAP4, POP3, SMTP. All protocols should be secured with SSL. S/MIME and user authentication are supported. |

The FTP adapter is the variant of the File adapter in which the transport protocol of the corresponding channel of type File is set to FTP.

The connection to the data store is always established from the Adapter Engine; both read and write access are required on the inbound side and on the outbound side. The user who actually reads from or writes to the data store is either defined in the adapter-specific sender or receiver channel or is an anonymous technical user under which the J2EE engine process of the Adapter Engine runs.

If the JMS client library supports it, the connection between the JMS server and the adapter should also be encrypted. Whether this is possible depends on the messaging provider and the client library used and is not covered in this documentation.

From a security perspective, these users should be given only the authorizations they need (least privilege principle).
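One way to check the least privilege requirement for a directory used by the File adapter, as an added example that is not part of the SAP documentation. The function name, the reliance on POSIX ownership and mode bits, and the policy (no access for other users, no group write) are assumptions made for illustration.

```python
import os
import stat
import tempfile


def audit_exchange_dir(path, process_uid):
    """Return least-privilege findings for a directory used by the File adapter.

    process_uid is the OS user the J2EE engine process runs as (assumption:
    POSIX ownership and mode bits are the only access control in use).
    """
    st = os.stat(path)
    if not stat.S_ISDIR(st.st_mode):
        return ["not a directory"]
    mode = stat.S_IMODE(st.st_mode)
    findings = []
    if st.st_uid != process_uid:
        findings.append("owner is not the adapter process user")
    # Reading, writing and deleting files needs r, w and x on the directory.
    needed = stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR
    if (mode & needed) != needed:
        findings.append("process user lacks read/write access")
    # Assumed policy: nobody outside owner and group needs any access.
    if mode & stat.S_IRWXO:
        findings.append("other users have access")
    # Assumed policy: group members may read but not write.
    if mode & stat.S_IWGRP:
        findings.append("group has write access")
    return findings


def demo():
    """Audit a constructed temporary directory under three modes."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for mode in (0o777, 0o500, 0o750):
            os.chmod(d, mode)
            results[mode] = audit_exchange_dir(d, os.getuid())
        os.chmod(d, 0o700)  # restore so cleanup can remove the directory
    return results


if __name__ == "__main__":
    for mode, findings in demo().items():
        print(oct(mode), findings or "ok")
```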

The following table summarizes the access data for the data store of both the sender inbound side and the receiver outbound side.

Access Data for Data Store

| | File | FTP | JDBC | JMS | Mail |
|---|---|---|---|---|---|
| User on inbound side | J2EE engine process user | Configured in File (FTP) sender channel | Configured in JDBC sender channel | Configured in JMS sender channel | Configured in mail sender channel |
| User authority on data store | Read and write access to configured file/directory | Read and write access to configured file/directory | Read and write access to configured database tables | Read and write access to configured queues | IMAP4 or POP3 access rights for reading and deleting messages in the configured folder |
| User on outbound side | J2EE engine process user | Configured in File (FTP) receiver channel | Configured in JDBC receiver channel | Configured in JMS receiver channel | Configured in mail receiver channel |
| User authority on outbound side | Read and write access to configured file/directory | Read and write access to configured file/directory | Read and write access to configured database tables | Read and write access to configured queues | SMTP or IMAP4 access rights for sending messages (SMTP) or storing messages in the configured folder (IMAP4) |