When working with Shared Access Signatures of Table Storage, there is a property SharedAccessExpiryTime.
Sometimes I do not want to use original access keys and want to use Share Access Signature instead. But, the question is what is the maximal allowed value of SharedAccessExpiryTime?
Right now, maximal value which can be used in years is 1000 years.
| // Create the CloudTable object that represents the "people" table.
CloudTable table = tableClient.GetTableReference(cTableName);
// creating a shared access policy that expires in 30 minutes.
// No start time is specified, which means that the token is valid immediately.
// The policy specifies full permissions.
SharedAccessTablePolicy policy = new SharedAccessTablePolicy()
{
SharedAccessExpiryTime = DateTime.UtcNow.AddYears(1000),
Permissions = SharedAccessTablePermissions.Query
};
// Generate the SAS token. No access policy identifier is used which
// makes it a non-revocable token
// limiting the table SAS access to only the request customer's id
string sasToken = table.GetSharedAccessSignature(
policy /* access policy */,
null /* access policy identifier */,
null /* start partition key */,
null /* start row key */,
null/* end partition key */,
null /* end row key */);
return sasToken; |
Remarks:
Be careful when using long living tokens, because their revocation is not easy!
Posted
Sep 24 2013, 10:14 AM
by
Damir Dobric