Managing Virtual Folders

webMethods.io MFT enables you to create a Virtual File System (VFS) to provide an abstract view of resources in your remote server such as FTP and SFTP protocols. This capability enables users and client applications to access a variety of file structures in a uniform way.

Understanding webMethods.io MFT Virtual File System

You can create a VFS by creating one or more virtual folders, which you typically arrange in a file system hierarchy. Although the information in a virtual folder might be stored across remote file systems in your enterprise, it appears as a cohesive data collection in the VFS.

For example, you can create a group of virtual folders to categorize your organization’s sales for various years. At the top level of folders, you can create a group of separate virtual folders, each representing one year of sales. Inside each yearly virtual folder, you can create 12 virtual folders to represent the monthly sales data for that year.

After you create a virtual folder, you can assign users to the folder and specify each user’s access privileges to the folder. When the users log on to webMethods.io MFT, they can view the folders they have access to and resources within those folders.

webMethods.io MFT provides a default virtual folder backed by a cloud storage. You cannot access the location information for the default virtual folder.

A VFS also bridges the differences between file systems on various operating systems so that users and applications can access files without having to know the type of file system they access.

Features in Virtual Folders

This topic provides information about specific features you can use to configure virtual folders in webMethods.io MFT.

Encryption and Decryption Options for a Virtual Folder

You can define specific file-based encryption and decryption PGP keys for a virtual folder. When files are uploaded or downloaded to the virtual folder through the webMethods.io MFT , it encrypts or decrypts the files in the stream. Encrypted files are decrypted only if they are transferred back through webMethods.io MFT using the same key that was used to encrypt them.

The encryption and decryption settings are applicable only when a user connects to the cloud instance and performs an upload or download operation. webMethods.io MFT does not use these keys when the virtual folder is used in an action. If you want to use the encryption and decryption keys in an action, create an encryption or decryption task in the action.

When encryption and decryption keys are configured at multiple levels (user, listener, and virtual folder), webMethods.io MFT enforces the following order of preference:

  1. Users

  2. Virtual folders

  3. Listeners

For example, if user A accesses port 10 and uploads a file in VFS MN, then webMethods.io MFT checks if the encryption or decryption key is available for user A. If no key is available at the user level, then webMethods.io MFT checks for the virtual folder settings for a key. If no key is present at the folder level, then webMethods.io MFT checks the server level settings for the key.

User Permission Propagation for a Folder

webMethods.io MFT propagates user permissions for virtual folders as follows:

webMethods.io MFT allows you to use the following special characters in search strings.

You can either use an asterisk or question mark as wildcard characters, depending on whether you want a broad or narrow search result containing the search strings provided.

For exact keyword searches, place the search string within single quotation marks.

Example: The search string 'abc.txt' returns only abc.txt as the search result.

Adding a Virtual Folder

You can add a virtual folder using the quick add feature. To configure additional settings for the virtual folder, see Configuring Additional Settings for a Virtual Folder.

To create a virtual folder

  1. On the navigation pane, select Virtual folders.

  2. On the Virtual folders page, click .

  3. In the Add virtual folder dialog box, specify the following details:

    Field Description
    Folder name Type a unique name for the virtual folder.
  4. Click Add. The new virtual folder appears in the folders list.

Configuring Additional Settings for a Virtual Folder

You can configure additional settings for a virtual folder.

To configure additional settings

  1. On the navigation pane, select Virtual folders.

  2. On the Virtual folders page, click on the virtual folder for which you want to configure additional settings, and specify the required details:

    Field Description
    Folder name Type a different virtual folder name.
    Partner You can perform one of the following:
    • If you do not want to associate the virtual folder with a partner or your enterprise, select No partner.
    • If you want to associate the virtual folder with your enterprise, then select Enterprise or type a new enterprise name and click Create.

      If you want to associate the virtual folder with a partner:

      1. Select Partner.
      2. Select a partner from the list or type a new partner name.
      3. Click Create.
    Remote path To specify a file path in a remote server, select this option, a protocol (transport mechanism) from the list, and type the file path location. For example, FTP://host:port/DestinationFolder/.
    • Type a User name and Password for the remote server.
    • If you select FTPES, FTPS, or HTTPS protocol, type the certificate alias in the Key alias.
    • For the SFTP protocol, select Two-factor authentication if you want webMethods.io MFT to authenticate the user with both password and private key when establishing a connection with an SFTP server.

      You can configure the preferred cipher from the list of supported cipher in the Preferred cipher field. Additionally, if you want to remove a cipher from the supported cipher list, then you can configure it in the Excluded cipher field.

    • If you want to configure the VFS with Amazon-S3 storage type, then use the following fields:
      Fields Description/Action
      Bucket name Specify the Amazon-S3 bucket name.
      Folder path Specify the folder path for the bucket which you define in the Bucket name.
      Note: If you do not specify the folder path, then the root of the bucket will be considered by default.
      Region name Choose the AWS ( Amazon Web Services ) region from the drop-down list. This is the location where your bucket resides.
      Access key ID Specify the access key id to access the Amazon-S3 bucket.
      Secret cccess key Specify the secret key which corresponds to the Access Key ID that has the access to Amazon-S3 bucket.
      Note: For more information about Amazon-S3 service, refer Amazon documentation.
      Note: For a list of known endpoint specific limitations, see Limitations of webMethods.io MFT.
    • If you want to configure the VFS with Azure storage type, then select the AZURE-FILE or AZURE-BLOB from the drop-down list.
      Note: webMethods.io MFT currently supports only AZURE-FILE shares and AZURE-BLOB containers.
      • To configure the VFS with AZURE-FILE, use the following fields:
        Fields Description/Action
        Authentication type

        Specifies the authentication information that must be sent to the Azure storage type for authorizing the access to specific resources. File shares supports Shared Key and Shared access signature (SAS) authentication type. Choose one of the following ways to provide the authentication information:

        • Shared Key: The shared key type passes a header with each request that is signed using the respective storage account access key. Enter the values for the following fields:
          • Account name: Specify the account name that corresponds to the Azure account for the AZURE-FILE location.
          • Account key: Specify the key which you create at the Azure portal for the corresponding Account name.
        • Shared access signature (SAS): The shared access signature type provides secure delegated access to resources in your storage account without compromising the security of your data.

          Additionally you can control what resources the client may access, what permissions they have on those resources, and how long the SAS is valid, among other parameters.

          • Account name: Specify the account name that corresponds to the Azure account for the AZURE-FILE location.
          • SAS token: The SAS token is a string that you generate in the Azure portal for an account.
        Location Specify the location where the folder for the file shares resides.
      • To configure the VFS with AZURE-BLOB, use the following fields:
        Fields Description
        Authentication type
        Specifies the authentication information that must be sent to the Azure storage for authorizing the access to resources. The AZURE-BLOB supports Shared Key, Shared access signature (SAS), and Anonymous public access authentication types. Choose one of the following ways to provide the authentication information:
        • Shared Key: The shared key type passes a header with each request that is signed using the respective Storage Account Access Key. Enter the values for the following fields:
          • Account name: Specify the account name that corresponds to the Azure account for the blob location.
          • Account key: Specify the key which you create at the Azure portal for the corresponding Account name.
        • Shared access signature (SAS): The shared access signature type provides secure delegated access to resources in your storage account without compromising the security of your data.

          Additionally, you can control what resources the client may access, what permissions they have on those resources, and how long the SAS is valid, among other parameters.

          • Account name: Specify the account name that corresponds to the Azure account for the blob location.
          • SAS token: The SAS token is a string that you generate in the Azure portal for an account.
        • Anonymous public read access: The anonymous public read access type provides you with read access within a publicly accessible container without authorizing the request.
        Storage sub-type The below mentioned are the two types of storage sub-type:
        • Block Blob: It stores the unstructured data such as files, media, images, documents, and so on in blocks.
        • Append Blob: It appends the unstructured data such as files, media, images, documents and so on.
        Location Specify the location where the folder for blob container resides.
        Note: You cannot specify the location for a default VFS.
        Advanced
        Storage size Specifies the size of each part of the file which gets uploaded to the blob container.
        Azure headers
        Add the additional header parameters to set the extra metadata for the blob container. Click to add the Header key and Header value information respectively. The following are the list if supported headers:
        • cacheControl
        • contentType
        • contentEncoding
        • contentLanguage
        • contentDisposition
        Note: For more information on AZURE-FILE shares and AZURE-BLOB containers, refer Azure documentation.
        Note:
      • Sending MKDIR or CWD to a directory with no files results in error.
      • Sending RMD after deleting all files in the directory results in error.
    • Click Test Connection to check the connection to the remote location.
    • Select Connection pool size to limit the number of connections created using a particular VFS. The default value is unlimited, which does not restrict the number of connections created using a particular VFS.
    • Select High availability download recovery if you want webMethods.io MFT to recover from a download that was not completed.
    • Select High availability upload recovery if you want webMethods.io MFT to recover from a upload that was not completed.
    • Select Passive if you want to enable webMethods.io MFT to connect to a remote server using the passive mode. webMethods.io MFT uses the active mode by default. This option is applicable for FTP, FTPS, and FTPES protocols.
    • Select Force CWD to extract directory if the FTP server you are connecting to allows file operations only on the current directory. Enabling this option forces a change to the target directory before executing the file operations.
    Permissions Add a user to the virtual folder and configure the permissions with the User name. The user can now view, download, upload, delete, create folder, delete folder, or rename the folder.
    • If you grant permissions to a parent folder, the user will inherit the same permissions to all the child folders.
    • If you grant permissions to a child folder, the user will be able to traverse through the parent folders.

    Note: You cannot configure the create directory and rename permissions for a default VFS.
    Encryption/Decryption
    File-based encryption Select the public PGP certificate alias in the Public PGP Key alias box.
    Note: When a file is uploaded, it gets encrypted.
    File-based decryption Select the private PGP certificate alias in the Private PGP Key alias box.
    Note: When the same file is downloaded, it gets decrypted.
  3. (Optional) Click to configure pagination for virtual folders, specify the following details, and click Apply:

    • No. of folders to display: Type the number of folders for display in the Virtual folders page.
    • Count folder depth up to: Type the folder depth up to which you want to apply the folder count. The folder depth value is 1 for root folder and 2, 3, and so on for subfolder depths.

    For example, if No. of folders to display is 100 and Count folder depth up to is 3, then each page in the folder frame displays 100 folders with a depth of 1, 2, or 3. All sub folders after depth level 4 appear but not be considered for pagination.

  4. Click Save.

    The virtual folder is updated with the additional settings.

Modifying a Virtual Folder

You can edit the configuration settings of an existing virtual folder.

To modify a virtual folder

  1. On the navigation pane, select Virtual folders.

  2. On the Virtual folders page, click on a virtual folder that you want to edit.

  3. Modify the required configuration settings for the virtual folder.

  4. Click Save.

    The virtual folder is updated with the modified settings.

Searching for Virtual Folders

You can search the virtual folder list to locate a virtual folder based on the folder name, its associated users or partners by specifying the required search criteria.

To search for a virtual folder

  1. On the navigation pane, select Virtual folders.

  2. On the Virtual folders page, specify all or one of the following search criteria:

    Field Description
    Partner Select one of the following:
    • All partners: To search for virtual folders associated with all the partners in webMethods.io MFT.
    • Specific partner: To search for virtual folders associated with a specific partner in webMethods.io MFT. Select this option, type the name of the partner, and click Ok.
    User Select one of the following:
    • All users: To search for virtual folders associated with all the users in webMethods.io MFT.
    • Specific user: To search for virtual folders associated with a specific user in webMethods.io MFT. Select this option, type the name of the user, and click Ok.
    Folder name Type the name of the specific virtual folder you want to view.
  3. Click Reset to reset values and Apply for the changes to take effect. The virtual folders list is populated with the virtual folders matching your search criteria.