Skip to main content  
  Easy400   |       iSeries home
Public-Source
 
Introduction
File upload utilities
File download utility
 
Download this tool

 
 
File Upload/Download for iSeries
by Giovanni B. Perotti, Italy  

This public source tool allows to upload / download via HTTP IFS stream files to / from an iSeries server.

1. Updates
2. Installation
2. Running the utilities
4. Protection
5. HTTP access to the uploaded files


1. Updates
  • Updates to this package are documented on this page.
  • To find out the release date of a FUPLOAD package installed on your IBM i, run command FUPLOAD/RELEASED .
2. Installation
Download
Download it from the Easy400 site. Registration is required.
Prerequisites
  1. OS/400 V5R2 or subsequent
  2. Library QHTTPSVR (product 5722DG1)
  3. RPG-ILE compiler (just for the installation)
Installation procedure
  1. unzip the fupload.zip file you have downloaded.
    It contains a readme.txt instructions file and file fupload.savf
  2. crtsavf qgpl/fupload
  3. use FTP to load PC file fupload.savf into save file qgpl/fupload
  4. rstlib fupload *savf savf(qgpl/fupload)
  5. to complete the installation, run the following REXX procedure:
    strrexprc srcmbr(install) srcfile(fupload/qrexsrc)
    This procedures performs the following
    1. compiles modules, creates programs
    2. restores directory /fupload
    3. displays the stream file /fupload/conf/httpd.conf containing the directives for an HTTP instance able to run this tool.
      To install the HTTP instance, run command
      cpyf fromfile(fupload/qatmhinstc) tofile(qusrsys/qatmhinstc)
          frommbr(fuploadapa) tombr(fuploadapa)
          mbropt(*replace) crtfile(*yes)
    4. To start the HTTP instance
      strtcpsvr server(*http) httpsvr(fuploadapa)
3. Running the utilities
  • To run the File Upload utilities, see this page.
  • To run the File Download utility, see this page.

4. Protection

Most likely you will need to protect your file upload / download service, in such a way that only authorized users may access it.
We have already provided for some basic protection, based on the validation list "FUPLOADDT/FUPLOAD".
Should you feel unconfortable with validation lists for protecting sensitive programs, may we recommend that you take a look at a very popular Easy400 delivery: Work with Validation Lists.
Here is how you can easily take advantage of the existing protection set up:

  1. run command
    CHGSYSVAL SYSVAL(QRETSVRSEC) VALUE('1')
  2. create the following user profile:
    crtusrprf usrprf(fupload) inlmnu(*signoff)
        text('To implement file upload protection') aut(*use)
  3. enable HTTP protection directives:
    • uncomment the following HTTP directives in the IFS stream file /fupload/conf/httpd.conf :
      #<Location /fuploadp/*>
      #   AuthType Basic
      #   AuthName FILE_UPLOAD
      #   PasswdFile FUPLOADDT/FUPLOAD
      #   UserID FUPLOAD
      #   Require valid-user
      #</Location>
    • STRTCPSVR SERVER(*HTTP) RESTART(*HTTP) HTTPSVR(FUPLOADAPA)
  4. Validation list FUPLOADDT/FUPLOAD is delivered with a single entry:
    user name: fred
    password: fred
    You may want to take advantage of this to test our basic protection.
  5. use command "fupload/wrkvldle" to maintain the validation list "FUPLOADDT/FUPLOAD":
                         Wrk with a vldl entry (WRKVLDLE)
    
     Type choices, press Enter.
    
     action . . . . . . . . . . . . .                 *ADD, *CHG, *RMV
     user name for logon  . . . . . .                      
     password for logon . . . . . . .                      
     'user full name' . . . . . . . .                                                     
    
     validation list  . . . . . . . .   FUPLOAD       Name
       library  . . . . . . . . . . .     FUPLOADDT   Name, *LIBL, *CURLIB
                        
    This command also maintains database file "FUPLOADDT/USERS" that can be used for a local customized version of an upload program.
  6. If you want to create a customized tool for maintaining authorized users:
    • review ILE-RPG module "wrkvldle"
    • note that program "fupload" retrieves the logged-in user name in variable "UserName".
    • program "fuploadX" can be added a routine to make sure that the logged-in user ("UserName") is authorized to the IFS target directory (variable "ServerDir")

5. HTTP access to the uploaded files
If you want to enable the HTTP access to the uploaded files
(as an example, the files in the IFS directory /sales/2012)
you must:

  1. grant *public authority for the objects, like
    CHGAUT OBJ('/sales') USER(*PUBLIC) DTAAUT(*RX)
    CHGAUT OBJ('/sales/2012') USER(*PUBLIC) DTAAUT(*RX)
    CHGAUT OBJ('/sales/2012/*') USER(*PUBLIC) DTAAUT(*RX)
  2. provide some HTTP directives to the configuration file of the HTTP instance.
    The following example shows how to enable access to the files uploaded to IFS directory
       /sales/2012 :
    Alias /sales/  /sales/
    <Directory /sales>
       Options None     
       order allow,deny 
       allow from all
    </Directory>
    If you also want to restrict the access to the only people authorized to upload PC files, use the following HTTP directives instead:

    Alias /sales/  /sales/
    <Directory /sales>
       AuthType Basic
       AuthName RESTRICTED_MATERIAL
       PasswdFile FUPLOADDT/FUPLOAD
       UserID FUPLOAD
       Require valid-user
    </Directory>

    Contact