In this blog, we'll take a look at how to leverage the Apache Commons Net library to build an FTP client running in Azure Spring App and interacts with an external FTP server.
During the set up, I encountered several SSL connections issues for different reasons. So, I would also like to discuss how to troubleshoot SSL connection issue and useful tools we could leverage.
Step 1: Create a simple Spring Web application with FTPClient or FTPSClient SDK
1. create the project
import org.apache.commons.net.ftp.FTPClient;
import org.apache.commons.net.ftp.FTPSClient;
import org.apache.commons.net.ftp.FTPFile;
public static void main(String[] args){
FTPClient client = new FTPClient();
FTPClient client = new FTPSClient();
try{
int reply;
client.connect("FTP_server_hostname");
System.out.print(client.getReplyString());
reply = client.getReplyCode();
if(reply==0) {
client.disconnect();
System.err.println("FTP server refused connection.");
System.exit(1);
}
else{
System.out.println("===============================Successfully Connected to FTP server ===============================");
}
client.login("username", "password");
String reply2 = client.getStatus();
if(reply==0) {
client.disconnect();
System.err.println("FTP server login failed.");
System.exit(1);
}
else{
System.out.println("===============================Successfully login to FTP server ===============================");
}
//list all available files
client.enterLocalPassiveMode();
client.changeWorkingDirectory("/path");
FTPFile[] files = client.listFiles();
System.out.println("===============================Available files on FTP server ===============================");
for (FTPFile file : files) {
System.out.println(file.getName());
}
}catch (Exception ex){
ex.printStackTrace();
}
}
}
2. Build the project using Maven:
mvn clean package
3. Run the project locally:
java -jar target\ftpclient-0.0.1-SNAPSHOT.jar
4. Below is the output. I tried to connect another Azure App Service via FTPs.
Step 2: Deploy the FTP client to your Azure Spring App
Assume you already have your Azure Spring App service created. If you do not have any Azure Spring Cloud instance created, please create one according to https://docs.microsoft.com/en-us/azure/spring-cloud/quickstart?tabs=Azure-CLI&pivots=programming-lan.... Now we are going to deploy the project to Azure Spring App via Azure CLI command line.
1. Make sure you have installed the Azure CLI version 2.38.0 or higher and the Azure Spring Cloud extension with the command:
az extension add--name spring-cloud
2. Login your account
az login
az account set--subscription <Name or ID of a subscription>
3. Deploy the jar file to the app
az spring app deploy --resource-group xx --service xx --name xx --artifact-path target/ftpclient-0.0.1-SNAPSHOT.jar
Step3: Review application logs
-
In the Azure portal, go to your Azure Spring Apps instance.
-
To open the Log Search pane, select Logs.
-
In the Tables search box, enter a simple query:
AppPlatformLogsforSpring
| limit 50
- We get the same output as local. We can see the app is running successfully in Azure Spring App.
Step 4: Troubleshooting
If you encounter any network related issues, you could have a try to use below ways for troubleshooting.
Method1: enable debug logs
Understanding SSL/TLS connection problems can sometimes be difficult, especially when it is not clear what messages are actually being sent and received. At this stage, we could add "-Djavax.net.debug=all" under App -> Configuration -> JVM options.
Once the debug log is enabled, we could see very detailed TLS handshake process in application logs.
For more details, please refer to: https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/ReadDebug.html.
Method2: If there are any network restrictions on outbound traffics, we could follow this blog A Simple Network Connection Test Tool for Azure Spring Cloud - Microsoft Community Hub to build a simple test app for DNS resolution or TCP ping test.
Method3: If there are any SSL certificate related issues, we could connect to the App instance and check all the trusted certificate on server.
- Before connecting to the app instances, you must be granted the RABAC role "Azure Spring Apps Connect Role" in Azure portal.
- Run command "az login".
- Run command "az spring app connect --name xx --resource-group xx --service xx --deployment default --instance xx --shell-cmd /bin/bash" to connect to the App instance.
- Run command "cd /usr/lib/jvm/msopenjdk-11/lib/security", then "keytool -list -keystore ./cacerts" to list all the certificates.
Please kindly note "az spring app connect" is a new command still in preview. We will release more features in November to connect to the interactive shell of an app instance for troubleshooting, please follow us on this website.