[jira] [Commented] (JCLOUDS-1428) Support for SAS token based Authentication for Azure Blob Storage

Sun, 31 Mar 2019 11:16:34 -0700 


    [ 
https://issues.apache.org/jira/browse/JCLOUDS-1428?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16806226#comment-16806226
 ] 

Ignasi Barrera commented on JCLOUDS-1428:
-----------------------------------------

It is called 
[here|https://github.com/apache/jclouds/blob/master/providers/azureblob/src/main/java/org/jclouds/azureblob/blobstore/functions/BlobPropertiesToBlobMetadata.java#L58].
 That {{BlobPropertiesToBlobMetadata}} function is called everytime a blob is 
retrieved using the {{AzureBlobStore}}. If you look at the usages of [these 
two|https://github.com/apache/jclouds/blob/master/providers/azureblob/src/main/java/org/jclouds/azureblob/blobstore/AzureBlobStore.java#L93-L94]
 variables and [this 
one|https://github.com/apache/jclouds/blob/master/providers/azureblob/src/main/java/org/jclouds/azureblob/blobstore/AzureBlobStore.java#L96],
 you'll see when that gets called, which is basically when getting a blob, or 
getting a list of blobs, so, in practice, it will always fail for SAS tokens,

I wonder if it would make sense to disable getting that info when we already 
know it can't be retrieved with the provided credntials? [~gaul] WDYT?



> Support for SAS token based Authentication for Azure Blob Storage
> -----------------------------------------------------------------
>
>                 Key: JCLOUDS-1428
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-1428
>             Project: jclouds
>          Issue Type: Improvement
>          Components: jclouds-blobstore
>            Reporter: Himanshu Jain
>            Priority: Major
>              Labels: azureblob
>             Fix For: 2.2.0, 2.1.3
>
>         Attachments: azure_stacktrace.txt
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> Hi,
> We have one use case where we want to provide limited access to objects in 
> our storage accounts. We figured that the best way to do  this is by using 
> SAS token based authentication mechanism to upload/download objects to Azure 
> Blob Storage - [SAS based 
> Authentication|https://docs.microsoft.com/en-us/azure/storage/common/storage-dotnet-shared-access-signature-part-1]
> We found that JClouds client library provides support for Azure Blob Storage 
> using account keys which might not fit our use case because of security 
> reasons.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to