FTP file from remote server to client

Report · Apr 15, 2010

What is the recommended way to trigger a file download to a user's web browser that lives on a remote (to the CF server) FTP hosted site?

I've looked high and low and can find hardly anything on this topic. The download file is not to made public so I can't just put it into the anonymous account workspace and cflocation to it. This file must come from a restricted access account with username and password required. I do not want to do a CFFTP getfile and then CFFILE read as that is a two-hop transfer doubling the download time. In that case I may as well serve up the file from the web server. The whole point of serving the file from an FTP server is the faster transfer time and offloading our web server. Also note that the download file is huge... >1GB.

I've heard something about using CFFTP and then CFCONTENT but that sounds like a two-hop approach again. If not please provide example of how this would be done.

Another approach may be to use CFFTP to access the FTP server, create an alias (is this even possible with CFFTP?) link that points to the file in another workspace, provide the link to this temp alias that triggers the download, then remove the alias link when done or using a scheduled task. If you know how CFFTP can do these kind of operations let me know how.

If you know how to accomplish what I'm trying to do, please enlighten me.

Thanks!

Report · Apr 16, 2010

If authentication is required in order to get the file then this must be done by the user's browser, so I'm not sure if this is possible without, as you say, some kind of double-hop approach.

What are you using for FTP software? Is there any scope for using CF to create the user their own username and password and delete it later on? I know software like Gene6 just uses text files for its user config, so it would be very easily to generate someone their own unique username and password, then just redirect their browser to the ftp link. Doing any kind of proxying through your web page would defeat the object and land you with a big ol' bandwidth bill.

O.

Report · Apr 16, 2010

Cffile is for file operations within the Coldfusion server, or for file uploads from the client to the Coldfusion server. It therefore isn't needed here.

In any case, I fail to see the two-hop action you describe. If the destination server has FTP server software, then cfftp alone is sufficient to transfer the file. Coldfusion then plays the role of FTP client. If you wish to transfer the file from your Coldfusion server to the client's browser, then cfcontent is sufficient.

I can see your point about sparing web resources. Both cfftp and cfcontent will keep Coldfusion busy. Then, why not just install an FTP server at your end, equipped with authentication. (FileZilla -- FTP client or FTP server -- is free, and great software!)From what I understand, your client already has FTP client software. If not, he can easily install it. And, voilà.

Report · Apr 16, 2010

What is the recommended way to trigger a file download to a user's web browser that lives on a remote (to the CF server) FTP hosted site?
I've looked high and low and can find hardly anything on this topic. The download file is not to made public so I can't just put it into the anonymous account workspace and cflocation to it. This file must come from a restricted access account with username and password required. I do not want to do a CFFTP getfile and then CFFILE read as that is a two-hop transfer doubling the download time. In that case I may as well serve up the file from the web server. The whole point of serving the file from an FTP server is the faster transfer time and offloading our web server. Also note that the download file is huge... >1GB.

This is not possible. You cannot use the CF server to open the FTP connection, but then get the FTP server to send the file to the client. How could this possibly work? Even if you could say to the FTP server "look, I know it's me asking for the file, but can you please send it to this other IP address" (which you can't), how is the client's PC supposed to deal with a barrage of (unsolicited, by them ~) data suddenly coming at them from an FTP server?

If the CF server is marshalling the request for the file from the client, and the authentication to and fetching of the file from the FTP server, then the file is going to have to be FTPed down to the CF server and then HTTPed down to the client.

About the only way I can think of doing this is to check out something like Zeus' ZXTM product (or another vendor's similar offering) to see if the traffic manager can deflect incoming FTP requests from your FTP domain to the actual FTP domain, but rather than require the client to provide authentication details, see if ZXTM can make the connection behind the scenes. Now I dunno if this sort of thing is possible, but it might be worth looking at.

But CF cannot do it.

--

Adam

Report · Apr 16, 2010

Although you can buy a heck of a lot of bandwidth for the cost of a ZXTM

General agreement seems to be that it's just not possible - would the extra bandwidth from the server be a prohibitive factor? Because by far the simplest solution will be to just get the users to download the file from your webserver.

O.

Report · Apr 16, 2010

You want to use the FTP server's bandwidth, but don't want the user to make

a direct connection with the ftp server to download the file?

I fail to see why you don't just use <a href ftp://user

@password:url/path/to/your/file>

Report · Apr 16, 2010

I fail to see why you don't just use <a href ftp://user
@password:url/path/to/your/file>

Other than the fact you're advocating exposing a password in clear text, you mean?

--

Adam

Report · Apr 16, 2010

Thanks all for your responses! Very interesting discussion.

To clarify my intent, the flow is:

User visits our site
User clicks link for a large download file
Various authentication steps presented
User accepts click-thru license displayed which (from their perspective) transparently prompt them for where to save the file on their system.

On the backend of this flow...

The file actually lives on a remote hosted FTP site
Authentication is required so others can casually browse to and find the file (if placed in anonymous account)
Ideally don't want to pass user/password in the clear as this provides the key to the storage shed

From your responses, it appears

I can't use CFFTP to direct the download anywhere but our website server
CFFile is for local server operations
CFFTP combined with CFCONTENT can be done but is a two-hop solution only (correct me if there's another way using the variable param) This defeats the point of having a fast FTP server serving up the huge file.
I could use the ftp://user@pass link approach and while that hides the link up front, a right-click on the FF Download monitor as well as other means are available to determine what that link is.
I could use our local server but this burdens down our web site.

If I missed something let me know.

At this point I'm trying to think of a creative way to get around these limitations...such as present the link then remove it upon download completion. However I'm not aware of a way to detect when file download completes.

Does anyone have any creative ideas on this?

Report · Apr 16, 2010

@cameron

I assumed it would be an anonymous account or a throwaway account.

@cfcoder

I see... Here's another suggestion, but requires your FTP server to support

ODBC user/group (http://en.wikipedia.org/wiki/List_of_FTP_server_software --

see Serv-U FTP Server) - from the feature description I think it is able to

connect to a database table of usernames/password and authenticate an FTP

session. That opens up a lot ofpossibilities!

What you might be able to do is expire/activate a user account based on the

authentication outcome in step 3 of your flow, and then present them them

with the FTP download link. You would then expire this account after x

hours, where the user would have either completed the download or if they

haven't, would need to authenticate through your webpage to re-activate

their ftp account to resume the download.

Report · Apr 16, 2010

cfcoder2 wrote:
To clarify my intent, the flow is:
User visits our site
User clicks link for a large download file
Various authentication steps presented
On the backend of this flow...
The file actually lives on a remote hosted FTP site
Authentication is required so others can casually browse to and find the file (if placed in anonymous account)

There are 3 machines: The FTP server where the file resides, the Coldfusion server where your site resides and the client where the user is at.

* User visits your site
* Site presents various authentication steps to user
* Upon successful authentication, site gives user instructtions on downloading and installing the FileZilla FTP client on his machine. Site also gives him the URL, username and password of the FTP server.

Remember your title, "FTP file from remote server to client". The Coldfusion site shouldn't stand in the way.

Adobe Community

FTP file from remote server to client