Is there any way to access blobs in private blob container without Shared Access Secret key ? i mean any User / Role based security or domain level security i.e only our domain should be able to access blobs in private container etc.
Actually i don't want to append SAS key after each blob url to access it, i want my container to be private and also i want to access each blob in that container without SAS key
any way currently available or planned in future release ?
can create a http handler to serve and secure files from blob storage. When the browser send a request to your service viahttp://xxx.cloudapp.net/courses/index.html orhttp://xxx.cloudapp.net/courses/style.css,
it will be actually served by your own http handler. The http handler will get the actual file content (no matter it is a html, js or image file) from blob storage and return the content. By using this way, we can protect the http handler using the the
built-in ASP.NET authorization and authentication functionality. Or you can use your own way to authenticate users as you have full control of the http handler.
If you have questions regarding serving blob storage using http handler, please let me know.
If I understood correctly, it seems that you have met your original requirement "accessing blobs in private blob container without Shared Access Secret key". Now the question becomes that you want to capture the request when the web role accesses blob
HttpModule is used to capture the request to pages, not the outgoing request. Why do you want to capture the outgoing request? As the outgoing request is made by your code, you can implement access control in your own code before accessing blob storage.
Before running the project, please replace blobContainerName with your own blob container that contains both html and related files. Then start debugging the Azure service project and then you can use the following address to access the page:
Namespace WebApplication Public Class BlobProxy Implements IHttpHandler ' Please replace this with your blob container name. Const blobContainerName As String = "eldata"
Public ReadOnly Property IsReusable() As Boolean Implements IHttpHandler.IsReusable Get Return False End Get End Property
Public Sub ProcessRequest(ByVal context As HttpContext) Implements IHttpHandler.ProcessRequest ' Get the file name. Dim fileName As String = context.Request.Path.Replace("/BlobProxy/", String.Empty)
' Get the blob from blob storage. Dim storageAccount = CloudStorageAccount.FromConfigurationSetting("DataConnectionString") Dim blobStorage = storageAccount.CreateCloudBlobClient Dim blobAddress As String = blobContainerName & "/" & fileName Dim blob As CloudBlob = blobStorage.GetBlobReference(blobAddress) Dim bool As Boolean = EL_ComFun.BlobExists(blob)
' Read blob content to response. context.Response.Clear() Try blob.FetchAttributes() context.Response.ContentType = blob.Properties.ContentType blob.DownloadToStream(context.Response.OutputStream) Catch ex As Exception context.Response.Write(ex.ToString()) End Try context.Response.[End]() End Sub End Class End Namespace