Saturday, December 12, 2015

Why AdroitLogic AS2 Gateway/Station

Why AS2?

There are two popular specifications published for business to business communication over a network.

1. File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to another host over TCP based network such as internet.

2. Application Statement 2 (AS2) is a specification about how to transport data securely and reliably over the internet.

If we are going to compare the above two protocols we have to consider the following key factors to ensure which one works best in this domain.

The first factor that I'm going to compare is security. It is really important to transfer the enterprise data securely from one endpoint to another. The plain FTP protocol does not support security but the enhanced versions of FTP commonly known as SFTP (Secure File Transfer Protocol) does. By using the SFTP protocol you can secure your business data by encrypting the complete communication channel and through that channel you can send and receive your business data without worrying about securing the data itself. But adding this additional security for plain FTP will increase the cost. On the other hand AS2 protocol support security by securing the data itself rather than securing the transport channel. To do that AS2 supports encryption of data for the security, signing the data for validation and hashing process to ensure data has not been changed while transferring. Also if you want additional security you can encrypt the data transfer channel with SSL on top of payload encryption.

The second factor I'm going to discuss here is non-repudiation. That is ability to ensure the authenticity of the senders signature on the data at the receivers end. Unfortunately FTP any related protocol doesn't support any kind of non-repudiation ensuring mechanism. AS2 protocol uses the idea of digital certificates to ensure messages are securely transported to the intended business partner.

In the B2B communication another important feature required is to get to know whether messages got where they were intended to and at that receivers end message got successfully decrypted and verified. FTP partially support this by replying the number of bytes received at the receivers end to the sender but there is no guarantee to ensure whether the data got processed and verified without an issue. But AS2 uses the idea of Message Disposition Note commonly known as the MDN file which contains all the details about processing at the receivers end. That file will be replied back to the original sender.

The final factor I'm going to discuss here is the cost of using these two protocols for your B2B communication. FTP is very popular so setting up a FTP gateway can be done very quickly and the administrative overhead of the gateway will be very low. That will increase only by adding additional features mentioned in the above sections. On the other hand AS2 B2B communication will require specific software and technical expertise, that means the cost of a AS2 gateway will be very high compared to FTP gateway.

Why AdroitLogic AS2 Gateway/ Station?

From the above section you will understand the AS2 protocol is way better than FTP protocol for your B2B communication. The only issue regarding AS2 is the cost to set up and the technical expertise that you require to maintain and manage the service. So we at adroitlogic provides you with a perfect solution. If you are a small scale businessman who can't afford AS2, you can register at our hosted AS2Gateway service at which is completely free of charge to use. There are some limitations enforced on number of messages that you can send and receive for a month but you can try it out for free of charge.

The solution that we recommend for enterprise grade customers is hosted at where we guarantee 24x7 up time and many other additional features. You can find the difference here at our pricing page To guide you on how to use these portals there are many guides published. I recommend the white paper submitted in our company web page and this blog post.

Other than these two solutions now we provide a onsite deploy-able AS2 Station solution for the enterprise B2B communication with extra features like file polling from the file system. For this solution we'll provide development support and after deployment 24x7 production support.

So I'll be back soon with the new introducing features of our solution. Thank you!

Sunday, September 13, 2015

ACL (Access Control List) is one of the functionalities that is not widely used among Apache zookeeper users. But zookeeper provides a powerful API which makes it really easier for the users to add security to clustering environments. Zookeeper ACL is a similar idea to Linux File Systems Access Control Lists. After starting the zookeeper server by running zkCli commands it is possible to view and setup ACLs for data directories.

To view data in a directory:
        get <path-to-directory>
To view ACL of the directory:
        getAcl <path-to-directory>
To authenticate a user:
        addauth <scheme> <username>:<password>
Following are the built in schemes of Apache Zookeeper: {quoting from Apache Zookeeper Docs.}

* world: has a single id, anyone, that represents anyone.
* auth: doesn't use any id, represents any authenticated user.
* digest: uses a username:password string to generate MD5 hash which is then used as an ACL ID identity. Authentication is done by sending the username:password in clear text. When used in the ACL the expression will be the username:base64 encoded SHA1 password digest.
* host: uses the client host name as an ACL ID identity. The ACL expression is a hostname suffix. For example, the ACL expression matches the ids and, but not
* ip: uses the client host IP as an ACL ID identity. The ACL expression is of the form addr/bits where the most significant bits of addr are matched against the most significant bits of the client host IP.

To set an ACL:
        setAcl <path-to-directory> <scheme>:<username>:<password>:<permission>
Following are the declared permissions of Apache Zookeeper: {quoting from Apache Zookeeper Docs.}

* CREATE: you can create a child node
* READ: you can get data from a node and list its children.
* WRITE: you can set data for a node
* DELETE: you can delete a child node
* ADMIN: you can set permissions

Ex: scheme - digest; path to directory - /zookeeper/temp; username - user; password - pwd;
addauth digest user:pass
setAcl /zookeeper/temp auth:user:pwd:crw

You can also use the Java API provided by Apache ZooKeeper to implement this ACL within your code. I'll write a blog post soon to guide you on how to do that.

Friday, May 8, 2015

IntelliJ IDEA: How to restore default settings [Ubuntu]

Recently my IDE started to act weird. There were issues like I can't use the key board short cuts (ie: can't use at least to keys at once). So the IDE did almost act like the vi editor ;)

Anyhow I did solve this issue by restoring default IDE UI settings.

You can easily do it by deleting the current configurations by running the following commands.

rm ~/.IntelliJIdeaXX/config        (lets you reconfigure user-specific settings.)
rm ~/.IntelliJIdeaXX/system        (lets you reconfigure IntelliJ IDEA data caches.)