【Azure Blob】关闭Blob 匿名访问,iOS Objective-C SDK连接Storage Account报错
问题描述
iOS Objective-C 应用,连接Azure Storage Account, 根据官网Example代码,在没有关闭Storage Account的匿名访问时,程序正常运行。
但是,只要关闭了匿名访问,上传blob到Container中,就会报错:Public access is not permitted on this storage account
问题解答
查看示例代码:
-(void)createContainerWithPublicAccess{ NSError *accountCreationError; // Create a storage account object from a connection string. AZSCloudStorageAccount *account = [AZSCloudStorageAccount accountFromConnectionString:@"DefaultEndpointsProtocol=https;AccountName=your_account_name_here;AccountKey=your_account_key_here" error:&accountCreationError]; if(accountCreationError){ NSLog(@"Error in creating account."); } // Create a blob service client object. AZSCloudBlobClient *blobClient = [account getBlobClient]; // Create a local container object. AZSCloudBlobContainer *blobContainer = [blobClient containerReferenceFromName:@"containerpublic"]; // Create container in your Storage account if the container doesn't already exist [blobContainer createContainerIfNotExistsWithAccessType:AZSContainerPublicAccessTypeContainer requestOptions:nil operationContext:nil completionHandler:^(NSError *error, BOOL exists){ if (error){ NSLog(@"Error in creating container."); } }]; }
关键就是 blobContainer createContainerIfNotExistsWithAccessType:AZSContainerPublicAccessTypeContainer 这一句代码。因为示例代码中使用的是Public Access方式create container,虽然连接字符串中由Account Key,但是代码中使用的是Public Access。所以当关闭Public Access后,程序就会报错。
把 AZSContainerPublicAccessTypeContainer 修改为 AZSContainerPublicAccessTypeOff 就可以了。
NOTES:
- No public read access: The container and its blobs can be accessed only with an authorized request. This option is the default for all new containers.
- Public read access for container and its blobs: Container and blob data can be read by anonymous request, except for container permission settings and container metadata. Clients can enumerate blobs within the container by anonymous request, but cannot enumerate containers within the storage account.
- Public read access for blobs only: Blobs within the container can be read by anonymous request, but container data is not available anonymously. Anonymous clients cannot enumerate the blobs within the container.
参考资料
设置Storage Account Container容器权限 : https://learn.microsoft.com/zh-cn/previous-versions/azure/storage/blobs/storage-ios-how-to-use-blob-storage#set-container-permissions
[END]
当在复杂的环境中面临问题,格物之道需:浊而静之徐清,安以动之徐生。 云中,恰是如此!
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· DeepSeek 开源周回顾「GitHub 热点速览」
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· AI与.NET技术实操系列(二):开始使用ML.NET
· 单线程的Redis速度为什么快?
2023-07-05 【Azure App Service for Windows】 PHP应用出现500 : The page cannot be displayed because an internal server error has occurred. 错误
2022-07-05 【Azure 环境】 介绍两种常规的方法来监视Window系统的CPU高时的进程信息: Performance Monitor 和 Powershell Get-Counter