stackoom
  简体   繁体   中英

Download file redirecting from Amazon S3 to Client

 原文  2016-11-21 09:18:10       amazon-web-services/ amazon-s3/ http-headers/ aws-sdk

Question

I'm very novice with Amazon S3 and I would like to build a solution that maybe not exist.

I have to build a web application (Java or PHP Backend) where the user logins and downloads files. The web server (Tomcat or Apache) validates the user and allows the download from Amazon S3. When I've worked with a CMS the files were small and there were few requests. So, the flow was: 

Client (User) > Server (user validation) > CMS (get file) > Server > Client (User)

Now, the files are bigger and I would like to get the next flow: 

Client (User) > Server (user validation) > Amazon S3 > Client (User)

My goal is to improve the performance of my server and avoid the excess traffic of files when the user gets one. Is it possible?

My first approach (not implemet yet!) is a sendredirect from my server to Amazon S3:

User requests /file1 => Server "translates" /file1 to /company.s3.amazon/mybucket/file1.pdf and does the sendredirect to Amazon S3 link.

With this approach I think I can't validate IAM user (I don't use any API) but I also think I can protect the content with a Bucket Policy filtering by server IP address .

Thanks.

1 answers

solution1
 1 ACCPTED  2016-11-21 10:01:46

I would recommend using a Pre-Signed URL , which is a way of providing temporary access to private objects that are stored in Amazon S3.

The pre-signed URL consists of:

  • The file URL
  • An Access Key associated with a user that has permissions to GET the file
  • An expiration timestamp
  • A hashed signature based on the authorised user's Secret Key (which is matched with their Access Key)

The pre-signed URL can be generated from a few lines of code and is only evaluated when the GET request is sent to Amazon S3.

When your application (on the server) determines that the user is entitled to access the file , it can generate the pre-signed URL and return it as part of a web page (eg in a hyperlink). When the user clicks the link, the file will be served directly out of S3 . After the expiry period, the URL will no longer provide access to the file.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Amazon S3 download a file at client location Unable to download file from Amazon S3 How do I download a file from a signed URL from Amazon S3 to a client machine using PHP? Force download from amazon s3 private file in laravel Download file from Amazon S3 using REST API Download and save file from Amazon S3 with Unity C# Javascript to download a file from amazon s3 bucket? script to download file from Amazon S3 bucket Amazon boto3 download file from S3 to tempfile Download file from Amazon S3 with lumen/php
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM