locked
Azure Storage Static Sites - Authentication? RRS feed

  • Question

  • Is there any way to secure a static site on Blob storage using Azure AD in a similar way to full App Services?
    Thursday, January 17, 2019 12:30 PM

All replies

  • Hi Jimmywim,

    You can use the Azure App Service Authentication

    https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization

    I have used it together with a Static site and a Azure Function.

    Thursday, January 17, 2019 12:58 PM
  • Can this be configured on a Static Site in an Azure Storage Account, though?

    See here: https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-static-website


    • Edited by Jimmywim Thursday, January 17, 2019 1:20 PM added link
    Thursday, January 17, 2019 1:18 PM
  • Hi Jimmywim,

    No, not as far as i know. So i ended up integrating my serverless webpage (Static site) with Azure functions to get the authentication possibility, and alot of other serverless functions on the website. 

    Thursday, January 17, 2019 1:35 PM
  • I ended up just creating a normal App Service for now with the standard Authentication settings. Might add to UserVoice for this to be able to add the Authentication settings to the Static Website option in a Storage Account.
    Thursday, January 17, 2019 2:45 PM
  • Adding more Information to the above query: Storage won't deal with active content (reason it is called static website).

    If you are willing to use authorization to access your content and won’t use cookies. Storage blobs can be accessed using the bearer token in the Authorization header

      The option which you have select i.e. azure app services is the best one for now

    Additional information: Easy auth is a .Net filter module which intercepts requests meant for the website and performs the auth operations storage won’t use IIS and storage already has authentication modules which, by using a static website,

      

    Storage already had public containers where you could host static content. the only additional feature with static websites is the ability to specify a default document that would provide the website root path

    Please feel free to contact us, If you need further assistance on this issue.


    Wednesday, January 23, 2019 7:53 AM
  • Hi,

    I'm trying to secure my static web site hosted on a azure storage account by using a azure app service (azure function in my case).

    It works but I am still able to access the static content directly using the blob storage url.

    Is it normal or did I miss something ?

    Thanks

    Monday, April 8, 2019 3:19 PM
  • Hi,

    Maybe you have your blob storage access level set to other than Private? See https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-static-website

    Note that according to the linked docs your static web site blob container $web will still always be accessible by anonymous users. Acces level just controls the blob storage endpoint

    -T-

    Wednesday, January 8, 2020 2:20 PM