Exporter (0) Imprimer
Développer tout
EN
Ce contenu n’est pas disponible dans votre langue. Voici la version anglaise.

SharedAccessPolicy Class

Updated: April 24, 2013

[This topic is part of the Windows Azure Storage Client Library 1.7, which has been deprecated. The current recommended version is Storage Client Library 3.0.]

Represents a shared access policy, which specifies the start time, expiry time, and permissions for a shared access signature.

Namespace: Microsoft.WindowsAzure.StorageClient
Assembly: Microsoft.WindowsAzure.StorageClient (in Microsoft.WindowsAzure.StorageClient.dll)

'Utilisation

public class SharedAccessPolicy

The following code example creates a shared access signature for a blob. The shared access policy is created on the signature itself.

static void CreateSAS()
{
// Retrieve storage account information from an app.config file.
// This is one way to store and retrieve a connection string when
// you are writing an application that runs locally, rather than in Windows Azure.
CloudStorageAccount storageAccount = CloudStorageAccount.Parse
    (ConfigurationManager.AppSettings["StorageAccountConnectionString"]);

// Create the blob client object.
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();

// Get a reference to the container for which the shared access signature will be created.
CloudBlobContainer container = blobClient.GetContainerReference("mysascontainer");
container.CreateIfNotExist();

// Create a permission policy, consisting of a shared access policy 
// and a public access setting, and store it on the container. 
BlobContainerPermissions containerPermissions = new BlobContainerPermissions();

// The public access setting explicitly specifies that the container is private, 
// so that it can't be accessed anonymously.
containerPermissions.PublicAccess = BlobContainerPublicAccessType.Off;

//Set the permission policy on the container.
container.SetPermissions(containerPermissions);

//The container-level access policy provides read/write access to the container for 10 hours.
containerPermissions.SharedAccessPolicies.Add("mypolicy", new SharedAccessPolicy()
{
    //If valid immediately, don’t set SharedAccessStartTime,
    //to avoid failures caused by small clock differences.
    // 
    // This policy goes live one hour from now.
    SharedAccessStartTime = DateTime.UtcNow.AddHours(1),
    SharedAccessExpiryTime = DateTime.UtcNow.AddHours(11),
    Permissions = SharedAccessPermissions.Write | SharedAccessPermissions.Read
});

// The shared access signature then can be used to create a service client. 
// This code would likely be run from a different client, but is included here to 
// demonstrate how to consume the shared access signature.

// Create the blob client directly, using the shared access signature.
// The parameter for StorageCredentialsSharedAccessSignature is
// the query parameter portion (after the question mark) 
// of a URL that uses an SAS. 
// For example: 
// Console.WriteLine(blob.Uri.AbsoluteUri + sas);

CloudBlobClient sasBlobClient = new CloudBlobClient(storageAccount.BlobEndpoint,
    new StorageCredentialsSharedAccessSignature(sas));

// Return a reference to a blob.
CloudBlob blob = sasBlobClient.GetBlobReference("mysascontainer/myblob.txt");

// Upload text to the blob. If the blob does not yet exist, it will be created. 
// If the blob does exist, its existing content will be overwritten.
blob.UploadText("Write to a blob using shared access credentials.");
}

The following example creates a shared access policy at the container level, and then creates a shared access signature that is associated with the policy.

static void CreateSASUsingContainerAccessPolicy()
{
  // Retrieve storage account information from an app.config file.
  // This is one way to store and retrieve a connection string if you are writing an application 
  // that will run locally, rather than in Windows Azure.
  CloudStorageAccount storageAccount = CloudStorageAccount.Parse
      (ConfigurationManager.AppSettings["StorageAccountConnectionString"]);
  
  // Create the blob client object.
  CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();

  // Get a reference to the container for which shared access signature will be created.
  CloudBlobContainer container = blobClient.GetContainerReference("mysascontainer");
  container.CreateIfNotExist();

  // Create a permission policy, consisting of a container-level access policy 
  // and a public access setting, and store it on the container. 
  BlobContainerPermissions blobPermissions = new BlobContainerPermissions();

  // The container-level access policy provides read/write access to the container for 10 hours.
  blobPermissions.SharedAccessPolicies.Add("mypolicy", new SharedAccessPolicy()
    {
        //If valid immediately, don’t set SharedAccessStartTime,
        //to avoid failures caused by small clock differences.
        // 
        // This policy goes live one hour from now.
        SharedAccessStartTime = DateTime.UtcNow.AddHours(1),
        SharedAccessExpiryTime = DateTime.UtcNow.AddHours(11),
        Permissions = SharedAccessPermissions.Write | SharedAccessPermissions.Read
    });

  // The public access setting explicitly specifies that the container is private, 
  // so that it can't be accessed anonymously.
  blobPermissions.PublicAccess = BlobContainerPublicAccessType.Off;

  // Set the permission policy on the container.
  container.SetPermissions(blobPermissions);

  // Get the shared access signature to share with clients.
  // Note that this call passes in an empty access policy, so that the shared access signature 
  // will use the 'mypolicy' access policy that's defined on the container.
  string sas = container.GetSharedAccessSignature(new SharedAccessPolicy(), "mypolicy");

  // Clients can use the signature to create a service client.
  StorageCredentialsSharedAccessSignature sasCreds = new StorageCredentialsSharedAccessSignature(sas);
  CloudBlobClient sasBlobClient = new CloudBlobClient(storageAccount.BlobEndpoint,
    new StorageCredentialsSharedAccessSignature(sas));

  // Return a reference to a blob.
  CloudBlob blob = sasBlobClient.GetBlobReference("mysascontainer/myblob.txt");

  // Upload text to the blob. If the blob does not yet exist, it will be created. 
  // If the blob does exist, its existing content will be overwritten.
  blob.UploadText("Hello SAS World");
}

A container-level shared access policy defines a set of parameters that may be applied to shared access signatures on the container or its blobs. The access policy, represented by a SharedAccessPolicy object, defines a start time, an expiry time, and a set of permissions for shared access.

Note that a single SharedAccessPolicy object may also be defined for the shared access signature itself. A container may have a collection of shared access policies, represented by the SharedAccessPolicies class.


System.Object
  Microsoft.WindowsAzure.StorageClient.SharedAccessPolicy

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Development Platforms

Windows Vista, Windows 7 and Windows Server 2008

Target Platforms

Afficher:
© 2014 Microsoft