Java客户端在Azure上设置SAS、策略和COR
我正在尝试使用Java客户端在Azure上设置CORS属性。执行代码后,我运行HTML5代码上传文件,在chrome javascript控制台中遇到以下错误: 最大块大小=47276 总区块=1 https:myacc.blob.core.windows.net/mycon/ch1.jpg?sr=c&sv=2015-04-05&sig=djbvibly18bv0skqnsl1n9efavcyngy3vsgkis%3D&si=champ 当前文件指针=0字节读取=47276 块id=块-000000 https:myacc.blob.core.windows.net/mycon/ch1.jpg?sr=c&sv=2015-0…kqNSLql1n9efAVcYnGy3VsGKis%3D&si=champ&comp=block&blockid=ymxvy2stmdaw 加载资源失败:服务器响应状态为403(CORS未启用或未找到此请求的匹配规则)。 无法加载XMLHttpRequest https:myacc.blob.core.windows.net/mycon/ch1.jpg?sr=c&sv=2015-0…kqNSLql1n9efAVcYnGy3VsGKis%3D&si=heath&comp=block&blockid=ymxvy2stmdaw 对飞行前请求的响应未通过访问控制检查:请求的主机上不存在“访问控制允许原点”标头 资源。因此,不允许访问源“file://”。这个 响应的HTTP状态代码为403。 我想知道的是,如果Java客户端成功执行,为什么不设置CORS?此外,如何验证规则策略“champ”是否正确配置,生成的SA是否正确,以及是否创建了CORS属性 以下是Java客户端代码:Java客户端在Azure上设置SAS、策略和COR,java,azure,cors,Java,Azure,Cors,我正在尝试使用Java客户端在Azure上设置CORS属性。执行代码后,我运行HTML5代码上传文件,在chrome javascript控制台中遇到以下错误: 最大块大小=47276 总区块=1 https:myacc.blob.core.windows.net/mycon/ch1.jpg?sr=c&sv=2015-04-05&sig=djbvibly18bv0skqnsl1n9efavcyngy3vsgkis%3D&si=champ 当前文件指针=0字节读取=47276 块id=块-0000
public class CORS_and_SAS {
public static void main(String[] args) {
// Define the connection-string with your values
final String storageConnectionString ="DefaultEndpointsProtocol=http;" + "AccountName=myacc;" + "AccountKey=B2q4AGp6YoRsTREXIkOv3e/Sxf46YzqzfnM9F8U+o7VA5Y3EiKc+CuritnvuyZxGXKNOQ5nJy2KfkniF970on1dQ==";
try {
// Retrieve storage account from connection-string.
CloudStorageAccount storageAccount = CloudStorageAccount.parse(storageConnectionString);
// Create the blob client.
CloudBlobClient blobClient = storageAccount.createCloudBlobClient();
// Get a reference to a container.
// The container name must be lower case
CloudBlobContainer container = blobClient.getContainerReference("mycon");
// Create the container if it does not exist.
//container.createIfNotExists();
// Set CORS support
//ServiceProperties blobServiceProperties = blobClient.GetServiceProperties();
ServiceProperties propers = getCORS();
blobClient.uploadServiceProperties(propers);
SharedAccessBlobPolicy policy = new SharedAccessBlobPolicy();
GregorianCalendar calendar =
new GregorianCalendar(TimeZone.getTimeZone("UTC"));
calendar.setTime(new Date());
policy.setSharedAccessStartTime(calendar.getTime()); //Immediately applicable
calendar.add(Calendar.HOUR, 3000); //Applicable time-span is 3000 hours
policy.setSharedAccessExpiryTime(calendar.getTime());
policy.setPermissions(EnumSet.of(SharedAccessBlobPermissions.READ,
SharedAccessBlobPermissions.WRITE, SharedAccessBlobPermissions.DELETE,
SharedAccessBlobPermissions.LIST));
BlobContainerPermissions containerPermissions = new BlobContainerPermissions();
//Private container with no access for anonymous users
containerPermissions.setPublicAccess(BlobContainerPublicAccessType.OFF);
//Name the shared access policy: heath
containerPermissions.getSharedAccessPolicies().put("champ", policy);
container.uploadPermissions(containerPermissions);
//Generate the policy SAS string for heath access
String sas = container.generateSharedAccessSignature(
new SharedAccessBlobPolicy(),"champ");
System.out.println("The stored access policy signature:");
System.out.println(sas);
} catch (Exception e) {
// Output the stack trace.
e.printStackTrace();
}
}
private static ServiceProperties getCORS() {
// TODO Auto-generated method stub
ServiceProperties propers = new ServiceProperties();
CorsProperties corsprop = propers.getCors();
CorsRule cr = new CorsRule();
List<String> allowedHeaders = new ArrayList<String>();
allowedHeaders.add("x-ms-*");
List<String> exposedHeaders = new ArrayList<String>();
exposedHeaders.add("x-ms-*");
cr.setAllowedHeaders(allowedHeaders);
cr.setExposedHeaders(exposedHeaders);
EnumSet<CorsHttpMethods> allowedMethod = EnumSet.of(CorsHttpMethods.PUT,CorsHttpMethods.GET,CorsHttpMethods.POST,CorsHttpMethods.HEAD,CorsHttpMethods.DELETE);
//EnumSet<CorsHttpMethods> allowedMethod1 = EnumSet.of(CorsHttpMethods.GET);
cr.setAllowedMethods(allowedMethod);
List<String> allowedOrigin = new ArrayList<String>();
allowedOrigin.add("*");
cr.setAllowedOrigins(allowedOrigin);
cr.setMaxAgeInSeconds(600);
corsprop.getCorsRules().add(cr);
//corsprop.getCorsRules().add(cr);
propers.setCors(corsprop);
return propers;
}
}
公共类CORS_和SAS{
公共静态void main(字符串[]args){
//使用您的值定义连接字符串
最终字符串storageConnectionString=“DefaultEndpointsProtocol=http;“+”AccountName=myacc;“+”AccountKey=B2q4AGp6YoRsTREXIkOv3e/Sxf46YzqzfnM9F8U+o7VA5Y3EiKc+CuritnVuYZXGKNOQ5NJY2KFKF970ON1DQ=”;
试一试{
//从连接字符串中检索存储帐户。
CloudStorageAccount-storageAccount=CloudStorageAccount.parse(storageConnectionString);
//创建blob客户端。
CloudBlobClient blobClient=storageAccount.createCloudBlobClient();
//获取对容器的引用。
//容器名称必须为小写
CloudBlobContainer container=blobClient.getContainerReference(“mycon”);
//如果容器不存在,请创建该容器。
//container.createIfNotExists();
//设置CORS支架
//ServiceProperties blobServiceProperties=blobClient.GetServiceProperties();
ServiceProperties propers=getCORS();
blobClient.uploadServiceProperties(属性);
SharedAccessBlobPolicy策略=新的SharedAccessBlobPolicy();
公历=
新格雷戈里安日历(时区。getTimeZone(“UTC”));
calendar.setTime(新日期());
policy.setSharedAccessStartTime(calendar.getTime());//立即适用
calendar.add(calendar.HOUR,3000);//适用的时间跨度为3000小时
policy.setSharedAccessExpirTime(calendar.getTime());
policy.setPermissions(EnumSet.of)(SharedAccessBlobPermissions.READ,
SharedAccessBlobPermissions.WRITE、SharedAccessBlobPermissions.DELETE、,
SharedAccessBlobPermissions.LIST);
BlobContainerPermissions containerPermissions=新BlobContainerPermissions();
//匿名用户无法访问的专用容器
containerPermissions.setPublicAccess(BlobContainerPublicAccessType.OFF);
//将共享访问策略命名为:heath
containerPermissions.getSharedAccessPolicys().put(“champ”,policy);
container.uploadPermissions(containerPermissions);
//为健康访问生成策略SAS字符串
字符串sas=container.generateSharedAccessSignature(
新SharedAccessBlobPolicy(),“champ”);
System.out.println(“存储的访问策略签名:”);
系统输出打印LN(sas);
}捕获(例外e){
//输出堆栈跟踪。
e、 printStackTrace();
}
}
私有静态ServiceProperties getCORS(){
//TODO自动生成的方法存根
ServiceProperties propers=新的ServiceProperties();
CorsProperties corsprop=propers.getCors();
CorsRule cr=新CorsRule();
List allowedHeaders=new ArrayList();
allowedHeaders.add(“x-ms-*”);
List exposedHeaders=new ArrayList();
exposedHeaders.add(“x-ms-*”);
cr.SetAllowedHeader(AllowedHeader);
cr.setExposedHeaders(exposedHeaders);
EnumSet allowedMethod=EnumSet.of(CorsHttpMethods.PUT,CorsHttpMethods.GET,CorsHttpMethods.POST,CorsHttpMethods.HEAD,CorsHttpMethods.DELETE);
//EnumSet allowedMethod1=EnumSet.of(CorsHttpMethods.GET);
cr.setAllowedMethods(allowedMethod);
List allowedOrigin=new ArrayList();
allowedOrigin。添加(“*”);
cr.setAllowedOrigins(AllowedOrigins);
cr.setMaxAgeInSeconds(600);
corsprop.getCorsRules().add(cr);
//corsprop.getCorsRules().add(cr);
地产公司(corsprop);
返回推进器;
}
}
我试图重现这个问题,并仔细检查了JS控制台中的Java客户端代码和错误。我发现这个问题是由于对上传文件url使用blob容器共享访问签名造成的
这是您修改的Java代码
private static final String accountName = "<account-name>";
private static final String accountKey = "<account-key>";
private static final String connectionStringTemplate = "DefaultEndpointsProtocol=http;AccountName=%s;AccountKey=%s";
private static final String containerName = "<block-blob-container-name>";
private static final String blobFileName = "<blob-file-name>";
public static void main(String[] args) throws InvalidKeyException, URISyntaxException, StorageException {
String connectionString = String.format(connectionStringTemplate, accountName, accountKey);
CloudStorageAccount account = CloudStorageAccount.parse(connectionString);
CloudBlobClient blobClient = account.createCloudBlobClient();
/*
* Enable CORS
*/
// CORS should be enabled once at service startup
// Given a BlobClient, download the current Service Properties
ServiceProperties blobServiceProperties = blobClient.downloadServiceProperties();
// Enable and Configure CORS
CorsProperties cors = new CorsProperties();
CorsRule corsRule = new CorsRule();
List<String> allowedHeaders = new ArrayList<String>();
allowedHeaders.add("*");
EnumSet<CorsHttpMethods> allowedMethods = EnumSet.of(CorsHttpMethods.PUT, CorsHttpMethods.GET, CorsHttpMethods.HEAD, CorsHttpMethods.POST);
System.out.println(Arrays.toString(allowedMethods.toArray()));
List<String> allowedOrigins = new ArrayList<String>();
allowedOrigins.add("*");
List<String> exposedHeaders = new ArrayList<String>();
exposedHeaders.add("*");
int maxAgeInSeconds = 1800;
corsRule.setAllowedHeaders(allowedHeaders);
corsRule.setAllowedMethods(allowedMethods);
corsRule.setAllowedOrigins(allowedOrigins);
corsRule.setExposedHeaders(exposedHeaders);
corsRule.setMaxAgeInSeconds(maxAgeInSeconds);
cors.getCorsRules().add(corsRule);
blobServiceProperties.setCors(cors);
// Commit the CORS changes into the Service Properties
blobClient.uploadServiceProperties(blobServiceProperties);
/*
* Generate the SAS for the uploading url
*/
CloudBlobContainer container = blobClient.getContainerReference(containerName);
CloudBlockBlob blockBlob = container.getBlockBlobReference(blobFileName);
SharedAccessBlobPolicy sharedAccessBlobPolicy = new SharedAccessBlobPolicy();
GregorianCalendar calendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
calendar.setTime(new Date());
sharedAccessBlobPolicy.setSharedAccessStartTime(calendar.getTime());
calendar.add(Calendar.HOUR, 1);
sharedAccessBlobPolicy.setSharedAccessExpiryTime(calendar.getTime());
sharedAccessBlobPolicy.setPermissions(EnumSet.of(SharedAccessBlobPermissions.WRITE));
String sas = blockBlob.generateSharedAccessSignature(sharedAccessBlobPolicy, null);
System.out.println(sas);
String blobUploadSASURL = String.format("https://%s.blob.core.windows.net/%s/%s?%s", accountName, containerName, blobFileName, sas);
System.out.println(blobUploadSASURL);
}
private static final String accountName=“。我试图重现该问题,并仔细检查了JS控制台中的Java客户端代码和错误。我发现该问题是由于对上载文件url使用blob容器共享访问签名造成的
这是您修改的Java代码
private static final String accountName = "<account-name>";
private static final String accountKey = "<account-key>";
private static final String connectionStringTemplate = "DefaultEndpointsProtocol=http;AccountName=%s;AccountKey=%s";
private static final String containerName = "<block-blob-container-name>";
private static final String blobFileName = "<blob-file-name>";
public static void main(String[] args) throws InvalidKeyException, URISyntaxException, StorageException {
String connectionString = String.format(connectionStringTemplate, accountName, accountKey);
CloudStorageAccount account = CloudStorageAccount.parse(connectionString);
CloudBlobClient blobClient = account.createCloudBlobClient();
/*
* Enable CORS
*/
// CORS should be enabled once at service startup
// Given a BlobClient, download the current Service Properties
ServiceProperties blobServiceProperties = blobClient.downloadServiceProperties();
// Enable and Configure CORS
CorsProperties cors = new CorsProperties();
CorsRule corsRule = new CorsRule();
List<String> allowedHeaders = new ArrayList<String>();
allowedHeaders.add("*");
EnumSet<CorsHttpMethods> allowedMethods = EnumSet.of(CorsHttpMethods.PUT, CorsHttpMethods.GET, CorsHttpMethods.HEAD, CorsHttpMethods.POST);
System.out.println(Arrays.toString(allowedMethods.toArray()));
List<String> allowedOrigins = new ArrayList<String>();
allowedOrigins.add("*");
List<String> exposedHeaders = new ArrayList<String>();
exposedHeaders.add("*");
int maxAgeInSeconds = 1800;
corsRule.setAllowedHeaders(allowedHeaders);
corsRule.setAllowedMethods(allowedMethods);
corsRule.setAllowedOrigins(allowedOrigins);
corsRule.setExposedHeaders(exposedHeaders);
corsRule.setMaxAgeInSeconds(maxAgeInSeconds);
cors.getCorsRules().add(corsRule);
blobServiceProperties.setCors(cors);
// Commit the CORS changes into the Service Properties
blobClient.uploadServiceProperties(blobServiceProperties);
/*
* Generate the SAS for the uploading url
*/
CloudBlobContainer container = blobClient.getContainerReference(containerName);
CloudBlockBlob blockBlob = container.getBlockBlobReference(blobFileName);
SharedAccessBlobPolicy sharedAccessBlobPolicy = new SharedAccessBlobPolicy();
GregorianCalendar calendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
calendar.setTime(new Date());
sharedAccessBlobPolicy.setSharedAccessStartTime(calendar.getTime());
calendar.add(Calendar.HOUR, 1);
sharedAccessBlobPolicy.setSharedAccessExpiryTime(calendar.getTime());
sharedAccessBlobPolicy.setPermissions(EnumSet.of(SharedAccessBlobPermissions.WRITE));
String sas = blockBlob.generateSharedAccessSignature(sharedAccessBlobPolicy, null);
System.out.println(sas);
String blobUploadSASURL = String.format("https://%s.blob.core.windows.net/%s/%s?%s", accountName, containerName, blobFileName, sas);
System.out.println(blobUploadSASURL);
}
private static final String accountName=“。感谢您的回复。用户将动态选择文件,所以我事先没有blobFileName。在这个场景中,我应该能够使用以下语法在“container”上生成SAS,对吗。。。。。。。。。。。字符串sas=