Rails implementation for securing S3 documents


Problem description

I would like to protect my S3 documents behind my Rails app such that if I go to:

www.myapp.com/attachment/5 that should authenticate the user prior to displaying/downloading the document.

I have read similar questions on stackoverflow but I'm not sure I've seen any good conclusions.

From what I have read there are several things you can do to "protect" your S3 documents.

1) Obfuscate the URL. I have done this. I think this is a good thing to do so no one can guess the URL. For example it would be easy to "walk" the URLs if your S3 URLs are obvious: https://s3.amazonaws.com/myapp.com/attachments/1/document.doc. Having a URL such as: https://s3.amazonaws.com/myapp.com/7ca/6ab/c9d/db2/727/f14/document.doc seems much better. This is great to do but doesn't resolve the issue of passing around URLs via email or websites.

2) Use an expiring URL as shown here: Rails 3, Paper_Clip + S3 - Howto Store for an Instance and Protect Access (http://stackoverflow.com/questions/3897837/rails-3-paper-clip-s3-howto-store-for-an-instance-and-protect-access). For me, however, this is not a great solution because the URL is exposed (even for just a short period of time) and another user could perhaps in time reuse the URL quickly. You have to adjust the time to allow for the download without providing too much time for copying. It just seems like the wrong solution.

3) Proxy the document download via the app. At first I tried to just use send_file: http://www.therailsway.com/2009/2/22/file-downloads-done-right but the problem is that these files can only be static/local files on your server and not served via another site (S3/AWS). I can however use send_data and load the document into my app and immediately serve the document to the user. The problem with this solution is obvious - twice the bandwidth and twice the time (to load the document to my app and then back to the user).

I'm looking for a solution that provides the full security of #3 but does not require the additional bandwidth and time for loading. It looks like Basecamp is "protecting" documents behind their app (via authentication) and I assume other sites are doing something similar but I don't think they are using my #3 solution.

Suggestions would be greatly appreciated.

Update

I went with a 4th solution:

4) Use Amazon bucket policies to control access to the files based on referrer: http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.html?UsingBucketPolicies.html

Update again:

Well, #4 can easily be worked around via a browser's developer tools. So I'm still in search of a solid solution.

Recommended answer

I have been in the process of trying to do something similar for quite some time now. If you don't want to use the bandwidth twice, then the only way that this is possible is to allow S3 to do it. Now I am totally with you about the exposed URL. Were you able to come up with any alternative?

I found something that might be useful in this regard - http://docs.aws.amazon.com/AmazonS3/latest/dev/AuthUsingTempFederationTokenRuby.html

Once a user logs in, an AWS session with his IP as a part of the AWS policy should be created and then this can be used to generate the signed URLs. So in case somebody else grabs the URL, the signature will not match since the source of the request will be a different IP. Let me know if this makes sense and is secure enough.
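
The approach this answer describes, as an added Ruby example that is not part of the original post: a session policy that pins `s3:GetObject` on one object to the logged-in user's IP, then a presigned URL signed with the federated credentials. The method names and the bucket, key and IP values are hypothetical; `ip_bound_url` assumes the `aws-sdk-s3` gem and an IAM user's credentials in the environment.

```ruby
require 'json'
require 'ipaddr'

# Session policy for a federated token: read access to ONE object, allowed
# only when the request reaches S3 from the address the user logged in from.
def session_policy_for(bucket:, key:, client_ip:)
  ip = IPAddr.new(client_ip)              # raises IPAddr::InvalidAddressError on junk
  cidr = "#{ip}/#{ip.ipv4? ? 32 : 128}"   # pin to a single host address
  {
    'Version' => '2012-10-17',
    'Statement' => [{
      'Effect' => 'Allow',
      'Action' => 's3:GetObject',
      'Resource' => "arn:aws:s3:::#{bucket}/#{key}",
      'Condition' => { 'IpAddress' => { 'aws:SourceIp' => cidr } }
    }]
  }
end

# Assumes the aws-sdk-s3 gem, plus a region and an IAM user's long-term
# credentials in the environment (GetFederationToken requires those).
# The token's rights are the intersection of that IAM user's policies and the
# session policy, so the IAM user itself must be allowed s3:GetObject.
def ip_bound_url(bucket:, key:, client_ip:, user_name:, ttl: 900)
  require 'aws-sdk-s3'
  policy = session_policy_for(bucket: bucket, key: key, client_ip: client_ip)
  creds = Aws::STS::Client.new.get_federation_token(
    name: user_name,                 # 2-32 characters
    policy: JSON.generate(policy),
    duration_seconds: ttl            # STS minimum is 900 seconds
  ).credentials
  s3 = Aws::S3::Client.new(credentials: Aws::Credentials.new(
    creds.access_key_id, creds.secret_access_key, creds.session_token
  ))
  # A request replaying this URL from another address fails the policy
  # condition and S3 answers AccessDenied.
  Aws::S3::Presigner.new(client: s3)
                    .presigned_url(:get_object, bucket: bucket, key: key, expires_in: ttl)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values (documentation address range, made-up bucket/key).
  puts JSON.pretty_generate(
    session_policy_for(bucket: 'example-bucket', key: '7ca/6ab/document.doc',
                       client_ip: '203.0.113.7')
  )
end
```

In a Rails controller the address would come from `request.remote_ip`, which is only trustworthy when the trusted-proxy list is configured correctly. Users behind the same NAT share an address, so the pin narrows reuse of a leaked URL rather than eliminating it.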
