Introduction:
This is a SFTP Viewer/Editor built in UI5 – I named it, VORTEX.
Why did I think that we need something like VORTEX?
I have witnessed first hand how teams download open source tools like fileZilla and WINSCP ( which by the way despite all their open source goodness have been branded as unsafe by some organization for internal use.) to explore file servers, view or edit files.
These could be Integration developers who try to access the file servers for troubleshooting or these could be functionals who would like to view the files for auditing purpose or verification or for any other reason.
Now coming to the Why!
1) It’s not okay to share credentials – sometimes common credentials with team members only for them to store it locally in the FileZilla or WinSCP repo. This introduces unacceptable risk!
2) There is no logging so as to who tried to access which file or edited what?
3) Sometimes people leave the organization but they still have your remote SFTP server cred right? Again a risk!
4) There is no trail of any kind to track unauthorized changes to a file.
5) If the team members access these SFTP servers for example from their own desktop what about the firewall? Do you request a specific firewall rule just so that a team member can access the file server from their local desktop?
6) Private Keys! Some sftp servers need a private key for authentication, like bank SFTP servers. How do you connect to them if you have to from your desktop? Do you ask for the private key from the security team? (Don’t request that now, there is high chance they wont share it. They are private for a reason.)
7) Some third party SFTP servers are only accessible from whitelisted IP’s, for example you may have multiple connections from SAP CI to such SFTP servers and SAP CI / CF IP’s have been whitelisted by the third party.
If you have multiple SFTP servers to connect to , credential management is a nightmare and because of multiple reasons above it’s sometimes not possible to have a holistic centralized and controlled access.
Solution:
This is where VORTEX comes in. I wanted to learn UI5 but couldn’t find anything interesting that would drive me to learn it. Then I got this idea about VORTEX. I thought why not. And here we are 1 week later.
VORTEX is a tool build using SAP BAS, UI5, which connects with SAP CI using my state of the art custom API’s which leverage Connectivity service for accessing cloud connector, data stores, JSCH sessions, leveraging existing virtual host on your cloud connector.
The architecture is pretty neat, I will add a diagram later but the app in SAP BTP CF , connects to SAP CI via a destination and SAP CI custom code does the rest.
Here is how it looks…
VORTEX will display all your SAP Integration Suite IFLOWS, and then allows you to pull SFTP connection details from these iflows, all at once , or selectively.
VORTEX then shows you the available connections with the relevant info
Connections blank at first
Scanning
After I do the “Scan All” We can see the pulled connections.
Now you will see “Unique” connections here, I have a algorithm in place to determine the uniqueness of connections. If you have new iflows , you can just again come back to this tool and scan the new flows selectively or scan everything again. This wont edit / remove existing connections but will just add new connections in the list.
Now comes the interesting part!! Hmmm.. what If I need to connect to a SFTP server which doesn’t have a filow in SAP CI??
Okay…You ask too much! Fine…. Just add a new connection manually!
VORTEX allows you to add new connections, Edit connections and Delete connections. (Delete button is on the extreme right)
Result!
VORTEX will now allow you to make the connection to this SFTP server through SAP CI! But there is a condition, the credential or the private key should be already there in SAP CI Secure store / keystore for VORTEX to use. This guarantees that users DO NOT have access to any secure material.
Now comes the Fun part……..Let’s Connect!
Notice that connect column with a play button? That’s what we use to connect to a particular connection!
And now we are connected! You can see all the files and folders and they have different icons depending on their type.
The navigation bar on top is full functionals, allows you to go back and forth between folders, delete folders and shows you the path too. since we are on root it shows “/”
Lets open a File? Okay
You can now see the file in a text editor that allows you to edit / save / view the file, nothing more.
If its a pdf file it opens in UI5 PDF Viewer.
The salient Feature?
It connects to all 6 SFTP Connection types, Internet – Basic auth, Internet – Cert Auth, Cloud connector – Basic auth, Cloud connector – Cert auth, Internet – Dual and Internet – Cert auth
Everything is logged and tracked and logs can be seen in a log viewer utility. This logs each action from logging in , to reading a file content, to editing it, deleting it etc.
So….. Let me know what do you think. I am happy given this was my first UI5 product. Also The UI5 is just the tip of the iceberg. The real deal lies in the custom code I have built in SAP CI which enables this to work seamlessly and allows any I mean ANY thing even postman to read, edit files or do anything on the file servers.
Introduction:This is a SFTP Viewer/Editor built in UI5 – I named it, VORTEX.Why did I think that we need something like VORTEX? I have witnessed first hand how teams download open source tools like fileZilla and WINSCP ( which by the way despite all their open source goodness have been branded as unsafe by some organization for internal use.) to explore file servers, view or edit files.These could be Integration developers who try to access the file servers for troubleshooting or these could be functionals who would like to view the files for auditing purpose or verification or for any other reason.Now coming to the Why!1) It’s not okay to share credentials – sometimes common credentials with team members only for them to store it locally in the FileZilla or WinSCP repo. This introduces unacceptable risk!2) There is no logging so as to who tried to access which file or edited what?3) Sometimes people leave the organization but they still have your remote SFTP server cred right? Again a risk!4) There is no trail of any kind to track unauthorized changes to a file.5) If the team members access these SFTP servers for example from their own desktop what about the firewall? Do you request a specific firewall rule just so that a team member can access the file server from their local desktop?6) Private Keys! Some sftp servers need a private key for authentication, like bank SFTP servers. How do you connect to them if you have to from your desktop? Do you ask for the private key from the security team? (Don’t request that now, there is high chance they wont share it. They are private for a reason.)7) Some third party SFTP servers are only accessible from whitelisted IP’s, for example you may have multiple connections from SAP CI to such SFTP servers and SAP CI / CF IP’s have been whitelisted by the third party.If you have multiple SFTP servers to connect to , credential management is a nightmare and because of multiple reasons above it’s sometimes not possible to have a holistic centralized and controlled access. Solution: This is where VORTEX comes in. I wanted to learn UI5 but couldn’t find anything interesting that would drive me to learn it. Then I got this idea about VORTEX. I thought why not. And here we are 1 week later.VORTEX is a tool build using SAP BAS, UI5, which connects with SAP CI using my state of the art custom API’s which leverage Connectivity service for accessing cloud connector, data stores, JSCH sessions, leveraging existing virtual host on your cloud connector.The architecture is pretty neat, I will add a diagram later but the app in SAP BTP CF , connects to SAP CI via a destination and SAP CI custom code does the rest.Here is how it looks…VORTEX will display all your SAP Integration Suite IFLOWS, and then allows you to pull SFTP connection details from these iflows, all at once , or selectively.VORTEX then shows you the available connections with the relevant infoConnections blank at first Scanning After I do the “Scan All” We can see the pulled connections. Now you will see “Unique” connections here, I have a algorithm in place to determine the uniqueness of connections. If you have new iflows , you can just again come back to this tool and scan the new flows selectively or scan everything again. This wont edit / remove existing connections but will just add new connections in the list.Now comes the interesting part!! Hmmm.. what If I need to connect to a SFTP server which doesn’t have a filow in SAP CI??Okay…You ask too much! Fine…. Just add a new connection manually!VORTEX allows you to add new connections, Edit connections and Delete connections. (Delete button is on the extreme right) Result! VORTEX will now allow you to make the connection to this SFTP server through SAP CI! But there is a condition, the credential or the private key should be already there in SAP CI Secure store / keystore for VORTEX to use. This guarantees that users DO NOT have access to any secure material.Now comes the Fun part……..Let’s Connect!Notice that connect column with a play button? That’s what we use to connect to a particular connection!And now we are connected! You can see all the files and folders and they have different icons depending on their type. The navigation bar on top is full functionals, allows you to go back and forth between folders, delete folders and shows you the path too. since we are on root it shows “/”Lets open a File? OkayYou can now see the file in a text editor that allows you to edit / save / view the file, nothing more.If its a pdf file it opens in UI5 PDF Viewer. The salient Feature?It connects to all 6 SFTP Connection types, Internet – Basic auth, Internet – Cert Auth, Cloud connector – Basic auth, Cloud connector – Cert auth, Internet – Dual and Internet – Cert authEverything is logged and tracked and logs can be seen in a log viewer utility. This logs each action from logging in , to reading a file content, to editing it, deleting it etc.So….. Let me know what do you think. I am happy given this was my first UI5 product. Also The UI5 is just the tip of the iceberg. The real deal lies in the custom code I have built in SAP CI which enables this to work seamlessly and allows any I mean ANY thing even postman to read, edit files or do anything on the file servers. Read More Technology Blog Posts by Members articles
#SAP
#SAPTechnologyblog
