Brad Bansner
asked on
How to control access to files on an Amazon S3 host
I have a client with an Amazon S3 host (http://docs.aws.amazon.com/AmazonS3/latest/dev/Welcome.html) that contains a "bucket" with hundreds of PDF and other files.
They want a user to login against a database, and if successful have access to all the files in the bucket (one of the files in the bucket is a Table of Contents that links to all the other files).
I haven't worked with Amazon S3 before. If I were doing this on a regular Windows or Linux host, I would probably secure the directory somehow, write an ASP or PHP script to log the user in, then find some way to authenticate the user if they have an active session logged in.
I would like to do the login from an HTML page using a form, rather than having the user login as a system-level user on the server. I need to make it so trying to access URLs to the files in the bucket directly are not allowed (i.e., if the user would happen to know the filename of a file in the bucket, they couldn't just enter the URL and bypass the login).
I briefly looked at the Amazon S3 documentation related to Managing Access Permissions but got quickly confused. I don't know if this is beyond my capabilities or not. Would appreciate any advice on the best way to proceed.
Thank you!
They want a user to login against a database, and if successful have access to all the files in the bucket (one of the files in the bucket is a Table of Contents that links to all the other files).
I haven't worked with Amazon S3 before. If I were doing this on a regular Windows or Linux host, I would probably secure the directory somehow, write an ASP or PHP script to log the user in, then find some way to authenticate the user if they have an active session logged in.
I would like to do the login from an HTML page using a form, rather than having the user login as a system-level user on the server. I need to make it so trying to access URLs to the files in the bucket directly are not allowed (i.e., if the user would happen to know the filename of a file in the bucket, they couldn't just enter the URL and bypass the login).
I briefly looked at the Amazon S3 documentation related to Managing Access Permissions but got quickly confused. I don't know if this is beyond my capabilities or not. Would appreciate any advice on the best way to proceed.
Thank you!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
No problem, glad it got you on your way, good luck!
ASKER