none
CloudFileShare & GetPermissions = 403 error

Toate mesajele

  • When a client provides a SAS URI to Azure Storage as part of a request, the service checks the SAS parameters and signature to verify that it is valid for authenticating the request. If the service verifies that the signature is valid, then the request is authenticated. Otherwise, the request is declined with error code 403 (Forbidden).

    Could you little elaborate the scenario?

    403 Forbidden error is typically caused by authentication failure, please ensure the SAS has enough permission.

    Refer : Best practices when using SAS , Constructing a Service SAS and SAS Error Codes




    10 mai 2018 18:16
    Moderator
  • thank you very much for your prompt reply. Here is my code in question; All is well until 

    • var permissions = fileShare.GetPermissions();

    Thanks again!


            static FileHelper()
            {
                StorageAccount = new CloudStorageAccount(new StorageCredentials(SasToken), "account name", "core.windows.net", true);
            }

            private static CloudStorageAccount StorageAccount { get; }

            private const string SasToken = "1 year token";

            public static string GetFile(EnShareType shareType, string filename, string directory = "")
            {
                var fileClient = StorageAccount.CreateCloudFileClient();
                var fileShare = fileClient.GetShareReference("test");

                if (!fileShare.Exists())
                {
                    return string.Empty;
                }

                var rootDirectory = fileShare.GetRootDirectoryReference();

                if (!rootDirectory.Exists())
                {
                    return string.Empty;
                }

                CloudFile cloudFile;

                var directorySpecified = !string.IsNullOrWhiteSpace(directory);

                if (directorySpecified)
                {
                    var fileDirectory = rootDirectory.GetDirectoryReference(directory);

                    if (!fileDirectory.Exists())
                    {
                        return string.Empty;
                    }

                    cloudFile = fileDirectory.GetFileReference(filename);
                }
                else
                {
                    cloudFile = rootDirectory.GetFileReference(filename);
                }

                var sharedPolicy = new SharedAccessFilePolicy
                {
                    Permissions = SharedAccessFilePermissions.Write | SharedAccessFilePermissions.Read |
                                  SharedAccessFilePermissions.List,
                    SharedAccessExpiryTime = DateTime.UtcNow.AddHours(1)
                };

                var permissions = fileShare.GetPermissions();
                //var permissions = new FileSharePermissions();

                var policyName = "fileSharePolicy" + DateTime.UtcNow.Ticks;

                permissions.SharedAccessPolicies.Add(policyName, sharedPolicy);
                fileShare.SetPermissions(permissions);

                var sasToken = cloudFile.GetSharedAccessSignature(null, policyName);
                var fileSasUri = new Uri($"{cloudFile.Uri.AbsoluteUri}{sasToken}");

                return fileSasUri.ToString();
            }

    10 mai 2018 18:40
  • Anybody have some feedback. Stuck...
    11 mai 2018 19:17
  • Can you specifically provide the full error message you are getting ? Also, Are you using the File service rest API ? https://docs.microsoft.com/en-us/rest/api/storageservices/file-service-rest-api

    Could you also try to give us more details on what you are trying to accomplish ? Is is it only accessing a file share ?

    Thanks,
    Adam
    15 mai 2018 21:51
    Moderator