Scope
- YADE should support file transfer operations with Azure Blob Storage.
- Technically speaking Azure file transfer operations make use of the HTTPS protocol and a number of query parameters and headers. The implementation therefore is fairly straightforward.
- The sticking point is about what authentication methods should be supported.
- If blob containers are made publicly available and require no authentication then the YADE supports this out-of-the-box.
- If Azure authentication methods are applied then different implementations are to be considered:
- Azure supports a range of authentication methods - we picked two of them for this proposal:
Authentication Methods
Find a preliminary comparison of authentication methods:
Capability | Shared Key | Shared Access Signature |
---|
Scope | - uses a single Shared Key for access at container level or at blob level
| - allows a single SAS token to be used for access to any blobs in a container
- allows individual SAS tokens to be used per blob and per file transfer operation
|
Access Duration | | - makes use of expiration dates
|
Permissions | - enables full access at container level or at blob level for any file transfer operations
| - offers permissions (read, write, delete, list) per resource type (container, object) and service (blob, queue, table, file)
- allows a single SAS token to be used that includes any permissions and file transfer operations (get, put, list)
- allows individual SAS tokens to be used specifying permissions per blob and per file transfer operation
|
- From the above comparison Shared Access Signatures are superior concerning more fine-grained access to resources.
Operation
xxxx
References
Jira |
---|
server | SOS JIRA |
---|
columns | key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution |
---|
serverId | 6dc67751-9d67-34cd-985b-194a8cdc9602 |
---|
key | YADE-561 |
---|
|
...