Imagine the following use case:
You have a basecamp style application hosting files with S3. Accounts all have their own files, but stored on S3.
How, therefore, would a developer go about securing files so users of account 1, couldn't somehow get to files of account 2?
We're talking Rails if that's a help.
-
If you want to restrict control of those remote resources you could proxy the files through your app. For something like S3 this may defeat the purpose of what you are trying to do, but it would still allow you to keep the data with amazon and restrict access.
You should be careful with an approach like this as it could cause your ruby thread to block while it is proxying the file, which could become a real problem with the application.
Jacek Konieczny : It doesn't have to be proxied directly by the RoR. The HTTP server below may be configured to do the proxying and RoR would only provide some kind of security credentials (probably a cookie value to test). This setup may be quite complicated, depends on the HTTP server used, requires access to server configuration and may require extra helpers (like FastCGI authenticator app or some authentication hook). Though, the performance gain may be worth it in some cases.Neil Middleton : I wonder if a simple proxy -> server side redirect would provide enough to stop the vast majority of idle surfers rather than going the whole hog... -
Serve the files using an EC2 Instance
If you set your S3 bucket to private, then start up an EC2 instance, you could serve your files on S3 via EC2, using the EC2 instance to verify permissions based on your application's rules. Because there is no charge for EC2 to transfer to/from S3 (within the same region), you don't have to double up your bandwidth consumption costs at Amazon.
Neil Middleton : I'm not really wanting to have a bucket per account as I think this won't scale particularly well...John Douthat : you can still keep all your objects in one S3 bucket. -
I haven't tackled this exact issue. But that doesn't stop me from having an opinion :)
Check out cancan:
It allows custom authorization schemes, without too much hassle.
0 comments:
Post a Comment