SFTP Transport Reference
| Mule Runtime Engine versions 3.5, 3.6, and 3.7 reached End of Life on or before January 25, 2020. For more information, contact your Customer Success Manager to determine how you can migrate to the latest Mule version. |
The Secure Shell (SSH) File Transfer Protocol (SFTP) transport allows files to be read and written to and from directories over SFTP. Unlike the Virtual File System (VFS) transport, it can handle large files because it streams message payloads. The SFTP transport can be used as an inbound or an outbound endpoint. Files can be retrieved from an SFTP server and processed as Mule messages, or Mule messages can be uploaded as files to an SFTP server. Mule uses the JCraft library for SFTP SSH.
Notes:
-
Mule 3.7 and newer supports SFTP retries.
-
In code examples in this guide,
spring-beans-current.xsdis a placeholder. To locate the correct version, see http://www.springframework.org/schema/beans/ — Mule 3.7 and newer supports Spring 4.1.6.
| Transport |  |
|---|---|
Doc |
|
Inbound |
|
Outbound |
|
Request |
|
Transactions |
|
Streaming |
|
Retries |
|
MEPs |
|
Default MEP |
|
Maven Artifact |
org.mule.transports:mule-transport-sftp |
SFTP |
Namespace and Syntax
This section lists namespace, schema, and connector syntax information.
XML Schema Location
http://www.mulesoft.org/schema/mule/sftp http://www.mulesoft.org/schema/mule/sftp/3.7/mule-sftp.xsdSchema
You can view the full schema for the SFTP transport here.
Connector Syntax
<sftp:connector name="sftp-default" archiveDir="" archiveTempReceivingDir="/tmp/get"
archiveTempSendingDir="/tmp/send" autoDelete="true"
duplicateHandling="throwException" fileAge="60000"
identityFile="/home/test/.ssh/id_rsa" keepFileOnError="false"
outputPattern="#[message.inboundProperties.originalFilename]" passphrase="passPhrase"
pollingFrequency="10000" sizeCheckWaitTime="30000"
tempDirInbound="/tmp/inbound" tempDirOutbound="/tmp/outbound"
useTempFileTimestampSuffix="true" />Endpoint Syntax
You can define your endpoints two different ways:
-
Prefixed endpoint:
<sftp:inbound-endpoint user="mule" password="test123" path="/tmp/sftp" host="myhost.com" pollingFrequency="500" name="inboundEndpoint1"/> <sftp:outbound-endpoint user="mule" password="test123" path="/tmp/sftp" host="myhost.com" name="outboundEndpoint2" keepFileOnError="false"/> -
Non-prefixed URI:
<inbound-endpoint address="sftp://mule:test123@myhost.com/tmp/sftp"/>
<outbound-endpoint address="sftp://mule:test123@myhost.com/tmp/sftp"/>Considerations
You can use the SFTP transport to download from or upload to a secured resource accessible via SFTP. This transport does not currently support transactions policies. Some uses for the SFTP transport are downloading data into a database and picking up files and uploading them via SFTP. You can use this transport to implement the file transfer Enterprise Integration Pattern. As explained in the EIP book, the file transfer pattern allows you to loosely couple two applications together, with delays in processing time. If your integration is time-sensitive, you may want to look at implementing the messaging pattern with the JMS transport which can give you closer to real-time processing.
| You need to have the proper permissions for the folder and files that the connector points to. If not, an exception is raised and no more files are processed after the first failed attempt. |
Using the SFTP transport allows you to optionally use streaming support for larger files and asynchronous and synchronously chain other endpoints with an SFTP endpoint. It also allows you to use Mule’s robust error handling in your Mule application.
The examples on this page show how to define SFTP inbound and outbound endpoints in your Mule application.
Features
-
Streaming support of resources
-
For inbound endpoints, poll the resource at a specified interval
-
For outbound endpoints, choices on how to handle duplicate files: throw and exception, overwrite, append a sequence number to the file name
Usage
To include the SFTP transport in your configuration:
-
Define these namespaces:
<?xml version="1.0" encoding="utf-8"?> <mule xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sftp="http://www.mulesoft.org/schema/mule/sftp" xsi:schemaLocation=" http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd http://www.mulesoft.org/schema/mule/sftp http://www.mulesoft.org/schema/mule/sftp/current/mule-sftp.xsd"> -
Define a connector:
<sftp:connector name="sftp-default"/> -
Define an inbound and/or outbound endpoint:
-
Use an inbound endpoint if you want new files found on the SFTP site to trigger a Mule flow
-
Use an outbound endpoint if you want to upload files to an SFTP site. These files typically start as Mule messages and are converted to files.
<sftp:inbound-endpoint name="inboundEndpoint1" connector-ref="sftp" address="sftp://user:password@host/~/data1"/> <sftp:outbound-endpoint address="sftp://user:password@host/~/data" outputPattern="#[function:count]-#[function:systime].dat"/>
-
Rules for Using the Transport
On the connector, you define the connection pool size, and your inbound and outbound temporary directories. The endpoint is where you define the authentication information, polling frequency, file name patterns, etc. See below for the full list of configuration options.
One-way and request-response exchange patterns are supported. If an exchange pattern is not defined, 'one-way' is the default.
This is a polling transport. The inbound endpoint for SFTP uses polling to look for new files. The default is to check every second, but it can be changed via the 'pollingFrequency' attribute on the inbound endpoint.
Streaming is supported by the SFTP transport and is enabled by default. Transactions are not currently supported.
Example Configurations
The following example saves any files found on a remote SFTP server to a local directory. This demonstrates using an SFTP inbound endpoint and a file outbound endpoint.
Important: Before running this example, create an SFTP properties file:
-
Create the sftp.properties properties file in your Classpath or set your PATH variable to the file’s location. For information on specifying SFTP server access information for a username, password, host, and port, using Anypoint Studio, see SFTP Connector.
-
Provide these parameters:
sftp.user=user sftp.host=host sftp.port=port sftp.password=passwordSubstitute each value to the right of the equal sign with SFTP access information. For example:
sftp.user=memyselfandi sftp.host=localhost sftp.port=8081 sftp.password=icannottellyou
Example SFTP-to-File Flow
Downloading files from SFTP using a Flow
<mule xmlns="http://www.mulesoft.org/schema/mule/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sftp="http://www.mulesoft.org/schema/mule/sftp"
xmlns:file="http://www.mulesoft.org/schema/mule/file"
xmlns:spring="http://www.springframework.org/schema/beans"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/sftp
http://www.mulesoft.org/schema/mule/sftp/current/mule-sftp.xsd
http://www.mulesoft.org/schema/mule/file
http://www.mulesoft.org/schema/mule/file/current/mule-file.xsd
http://www.mulesoft.org/schema/mule/core
http://www.mulesoft.org/schema/mule/core/current/mule.xsd">
<!-- This placeholder bean lets you import the properties from the sftp.properties file. -->
<spring:bean id="property-placeholder"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<spring:property name="location" value="classpath:sftp.properties"/> ❶
</spring:bean>
<flow name="sftp2file">
<sftp:inbound-endpoint host="${sftp.host}" port="${sftp.port}"
path="/home/test/sftp-files" user="${sftp.user}" password="${sftp.password}"> ❷
<file:filename-wildcard-filter pattern="*.txt,*.xml"/> ❸
</sftp:inbound-endpoint>
<file:outbound-endpoint path="/tmp/incoming"
outputPattern="#[message.inboundProperties.originalFilename]"/> ❹
</flow>
</mule>A properties file which holds the SFTP server login credentials is defined on ❶. Next a SFTP inbound endpoint is declared on ❷ which checks the /home/test/sftp-files directory for new files every one second by default. ❸ defines a file filter which only sends files ending with .txt or .xml to the outbound endpoint. Any conforming files found on the inbound endpoint are then written to the /tmp/incoming local directory with the same file name it had on the sftp server ❹.
The following example uploads files found in a local directory to an SFTP server. This demonstrates using a file inbound endpoint and an SFTP outbound endpoint.
Uploading files via SFTP using a Flow
<mule xmlns="http://www.mulesoft.org/schema/mule/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sftp="http://www.mulesoft.org/schema/mule/sftp"
xmlns:file="http://www.mulesoft.org/schema/mule/file"
xmlns:spring="http://www.springframework.org/schema/beans"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/sftp
http://www.mulesoft.org/schema/mule/sftp/current/mule-sftp.xsd
http://www.mulesoft.org/schema/mule/file
http://www.mulesoft.org/schema/mule/file/current/mule-file.xsd
http://www.mulesoft.org/schema/mule/core
http://www.mulesoft.org/schema/mule/core/current/mule.xsd">
<!-- This placeholder bean lets you import the properties from the sftp.properties file. -->
<spring:bean id="property-placeholder"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<spring:property name="location" value="classpath:sftp.properties"/> ❶
</spring:bean>
<flow name="file2sftp">
<file:inbound-endpoint path="/tmp/outgoing"> ❷
<file:filename-wildcard-filter pattern="*.txt,*.xml"/> ❸
</file:inbound-endpoint>
<sftp:outbound-endpoint host="${sftp.host}" port="${sftp.port}"
path="/home/test/sftp-files" user="${sftp.user}" password="${sftp.password}"/> ❹
</flow>
</mule>A properties file which holds the SFTP server login credentials is defined on ❶. Next a file inbound endpoint is declared on ❷ which checks the /tmp/outgoing directory for new files every one second by default. ❸ defines a file filter which only sends files ending with .txt or .xml to the outbound endpoint. Any conforming files found on the inbound endpoint are then written to the /home/test/sftp-files remote SFTP directory with the same file name it had on the local filesystem ❹.
Exchange Patterns and Features of the Transport
See transport matrix.
Connector
SFTP connectivity.
Attributes of the connector Element
| Name | Description |
|---|---|
|
Type: string. Required: no. Comma-separated list of authentication methods used by the SFTP client. Valid values are: gssapi-with-mic, publickey, keyboard-interactive and password. |
|
Type: integer. Required: no. Default: disabled. If the number of active connections is specified, then a connection pool is used with active connections up to this number. Use a negative value for no limit. If the value is zero no connection pool is used. |
|
Type: long. Required: no. Default: 1000 ms. The frequency in milliseconds that the read directory should be checked. Note that the read directory is specified by the endpoint of the listening component. |
|
Type: boolean. Required: no. Default: true. Whether to delete the file after successfully reading it. |
|
Type: long. Required: no. Default: disabled. minimum age (in ms) for a file to be processed. This can be useful when consuming large files. It tells Mule to wait for a period of time before consuming the file, allowing the file to be completely written before the file is processed. WARNING: The |
|
Type: long. Required: no. Default: disabled. Wait time (in ms) between size-checks to determine if a file is ready to be processed. Disabled if not set or set to a negative value. This feature can be useful to avoid processing not yet completely written files (such as, consuming large files). It tells Mule to do two size checks waiting the specified time between the two size calls. If the two size calls return the same value Mule consider the file ready for processing. Note: See attribute fileAge for an alternate method of determining if a incoming file is ready for processing. |
|
Type: string. Required: no. Default: disabled. Archives a copy of the file in the specified directory on the file system where mule is running. The archive folder must have been created before Mule is started and the user Mule runs under must have privileges to read and write to the folder. |
|
Type: string. Required: no. Default: disabled. If specified then the file to be archived is received in this folder and then moved to the archiveTempSendingDir while sent further on to the outbound endpoint. This folder is created as a subfolder to the archiveDir. Note: Must be specified together with the archiveTempSendingDir and archiveDir attributes. |
|
Type: string. Required: no. Default: disabled. If specified then the file to be archived is sent to the outbound endpoint from this folder. This folder is created as a subfolder to the archiveDir. After the file is consumed by the outbound endpoint or the component itself (that is, when the underlying InputStream is closed) it is moved to the archive folder. Note: Must be specified together with the archiveTempReceivingDir and archiveDir attributes. |
|
Type: string. Required: no. Default: the message ID, for example, |
|
Type: boolean. Required: no. Default: true. If true, the file on the inbound-endpoint is not deleted if an error occurs when writing to the outbound-endpoint. Note: This assumes that both the inbound and outbound endpoints are using the SFTP-Transport. |
|
Type: duplicateHandlingType. Required: no. Default: throwException. Determines what to do if a file already exist on the outbound endpoint with the specified name.
|
|
Type: string. Required: no. Default: disabled. An identityFile location for a PKI private key. |
|
Type: string. Required: no. Default: disabled. The passphrase (password) for the identityFile if required. |
|
Type: string. Required: no. Default: disabled. If specified then Mule tries to create the temp-directory in the endpoint folder if it doesn’t already exist. Ensure that the user Mule is configured to use to access the SFTP server has privileges to create a temp folder if required! For inbound endpoints: A temporary directory on the ftp-server from where the download takes place. The file is moved (locally on the sftp-server) to the tempDir, to mark that a download is taking place, before the download starts. Note: A file in the tempDir of an inbound endpoint is always correct (has only been moved locally on the sftp-server) and can therefore be used to restart a failing file transfer. |
|
Type: string. Required: no. Default: disabled. If specified, then Mule tries to create the temp-directory in the endpoint folder if it doesn’t already exist. Ensure that the user Mule configured to use to access the SFTP server has privileges to create a temp folder if required. For outbound endpoints: A temporary directory on the sftp-server to first upload the file to. When the file is fully uploaded the file is moved to its final destination. The tempDir is created as a sub directory to the endpoint. Note: A file in the tempDir of an outbound endpoint might not be correct (since the upload takes place to this folder) and can therefore NOT be used to restart a failing file transfer. |
|
Type: boolean. Required: no. Default: disabled. Used together with the tempDir - attribute to give the files in the tempDir a guaranteed unique name based on the local time when the file was moved to the tempDir. |
Inbound Endpoint
Attributes of the inbound-endpoint Element
| Name | Description |
|---|---|
|
Type: string. Required: no. A file location. |
|
Type: string. Required: no. A username. |
|
Type: string. Required: no. A password. |
|
Type: string. Required: no. An IP address (for example, |
|
Type: port number. Required: no. A port number. |
|
Type: long. Required: no. Default: 1000 ms. The frequency in milliseconds that the read directory should be checked. Note that the read directory is specified by the endpoint of the listening component. |
|
Type: long. Required: no. Default: disabled. Age (in ms) for a file to be processed. This can be useful when consuming large files. It tells Mule to wait for a period of time before consuming the file, allowing the file to be completely written before the file is processed. WARNING: The fileAge attribute only works properly if the servers where Mule and the sftp-server runs have synchronized time. Note: See attribute sizeCheckWaitTime for an alternate method of determining if a incoming file is ready for processing. |
|
Type: long. Required: no. Default: disabled. Wait time (in ms) between size-checks to determine if a file is ready to be processed. Disabled if not set or set to a negative value. This feature can be useful to avoid processing not yet completely written files (such as when consuming large files). It tells Mule to do two size checks waiting the specified time between the two size calls. If the two size calls return the same value Mule consider the file ready for processing. Note: See attribute fileAge for an alternate method of determining if a incoming file is ready for processing. |
|
Type: string. Required: no. Default: disabled. Archives a copy of the file in the specified directory on the file system where mule is running. The archive folder must have been created before Mule is started and the user Mule runs under must have privileges to read and write to the folder. |
|
Type: string. Required: no. Default: disabled. If specified then the file to be archived is received in this folder and then moved to the archiveTempSendingDir while sent further on to the outbound endpoint. This folder is created as a subfolder to the archiveDir. NOte: Must be specified together with the archiveTempSendingDir and archiveDir attributes. |
|
Type: string. Required: no. Default: disabled. If specified then the file to be archived is sent to the outbound endpoint from this folder. This folder is created as a subfolder to the archiveDir. After the file is consumed by the outbound endpoint or the component itself (that is, when the underlying InputStream is closed) it is moved to the archive folder. Note: Must be specified together with the archiveTempReceivingDir and archiveDir attributes. |
|
Type: string. Required: no. Default: disabled. An identityFile location for a PKI private key. |
|
Type: string. Required: no. Default: disabled. The passphrase (password) for the identityFile if required. |
|
Type: string. Required: no. Default: disabled. If specified then Mule tries to create the temp-directory in the endpoint folder if it doesn’t already exist. Ensure that the user Mule is configured to use to access the sftp server has privileges to create a temp folder if required! For inbound endpoints: A temporary directory on the sftp-server from where the download takes place. The file is moved (locally on the sftp-server) to the tempDir, to mark that a download is taking place, before the download starts. Note: A file in the tempDir of an inbound endpoint is always correct (has only been moved locally on the sftp-server) and can therefore be used to restart a failing file transfer. For outbound endpoints: A temporary directory on the sftp-server to first upload the file to. When the file is fully uploaded the file is moved to its final destination. The tempDir is created as a sub directory to the endpoint. Note: A file in the tempDir of an outbound endpoint might not be correct (since the upload takes place to this folder) and can therefore NOT be used to restart a failing file transfer. |
|
Type: boolean. Required: no. Default: disabled. Used together with the tempDir - attribute to give the files in the tempDir a guaranteed unique name based on the local time when the file was moved to the tempDir. |
No child elements for inbound-endpoint.
Outbound Endpoint
Attributes of outbound-endpoint
| Name | Description |
|---|---|
|
Type: string. Required: no. A file location. |
|
Type: string. Required: no. A username. |
|
Type: string. Required: no. A password. |
|
Type: string. Required: no. An IP address (for example, www.mulesoft.com, localhost, 127.0.0.1). |
|
Type: port number. Required: no. A port number. |
|
Type: string. Required: no. Default: the message ID, for example, ee241e68-c619-11de-986b-adeb3d6db038 The pattern to use when writing a file to disk. This can use the patterns supported by the filename-parser configured for this connector. By default the File Transport Reference is used. See this same document section for information on how to override the default parser. |
|
Type: boolean. Required: no. Default: true. If true the file on the inbound-endpoint is not deleted if an error occurs when writing to the outbound-endpoint. Note: This assumes that both the inbound and outbound endpoints are using the SFTP-Transport. |
|
Type: duplicateHandlingType. Required: no. Default: |
|
Type: string. Required: no. Default: disabled. An |
|
Type: string. Required: no. Default: disabled. The passphrase (password) for the identityFile if required. |
|
Type: string. Required: no. Default: disabled. If specified then Mule tries to create the temp-directory in the endpoint folder if it doesn’t already exist. Ensure that the user Mule is configured to use to access the SFTP server has privileges to create a temp folder if required! For inbound endpoints: A temporary directory on the ftp-server from where the download takes place. The file is moved (locally on the sftp-server) to the tempDir, to mark that a download is taking place, before the download starts. Note: A file in the tempDir of an inbound endpoint is always correct (has only been moved locally on the sftp-server) and can therefore be used to restart a failing file transfer. For outbound endpoints: A temporary directory on the sftp-server to first upload the file to. When the file is fully uploaded the file is moved to its final destination. The tempDir is created as a sub directory to the endpoint. Note: A file in the tempDir of an outbound endpoint might not be correct (since the upload takes place to this folder) and can therefore NOT be used to restart a failing file transfer. |
|
Type: boolean. Required: No. Default: disabled. Used together with the tempDir - attribute to give the files in the tempDir a guaranteed unique name based on the local time when the file was moved to the tempDir. |
No child elements for outbound-endpoint.