How to Share Files and Manage Access to Oracle Cloud Storage

Oracle Cloud Object Storage is an internet-scale, high-performance storage platform that offers reliable and cost-efficient data durability. The Object Storage service can store an unlimited amount of unstructured data of any content type. In this document, we will discuss how to install NirvaShare and manage access by sharing files/folders from Oracle object storage with external users using a simple form-based authentication. NirvaShare can be installed in any operating system and has advanced features to integrate with external identity providers, but in this tutorial, we shall consider Linux Ubuntu operating system with a simple form-based authentication while sharing files from object storage. You can create a virtual machine in the cloud platform or on-premise.

As a prerequisite, make sure you have access to your Oracle cloud and Storage account with admin rights.

Installation

Login to your Oracle cloud platform and create a virtual machine or alternatively, you can use on-premise machine as well. User the operating system with Linux Ubuntu 20.04 and refer to below documentation on how to install NirvaShare on a Ubuntu box.

Storage Credentials

To configure NirvaShare to manage access on Oracle object storage, you will require Application API keys from your Oracle account . To create application keys, follow the steps below.

  • Login to  account Oracle Cloud console
  • From the left menu list, click on Identity and then on Users 
  • Click on a existing user and go to Resources. In case if you want to have a separate user for API access, please create a new user. Make sure the user have the admin privilege to manage object storage.
  • From the bottom right corner, click on Customer Secret Keys > Generate Secret Key 
user-list1-create-key-button
  • To Generate Secret key provide a Name  and click on Generate Secret Key
  • Copy the generated Secret key and keep it safe (it will be not shown again).
  • Copy the Access key by clicking on to the access key link in the list
Generated-access-key

*Important: Please note down these keys, it will be required during the configuration.

  • You need the Namespace which is mentioned in the bucket information  tab and OCI region is also required which you can find in your dashboard URL  
namespace
cloud-location

Configuration

With the installation being ready and having both access and secret keys, the next step is to configure NirvaShare to point to your Oracle storage and then share file/folder using a Form-based authentication.

Assuming, deployment was successful after installation steps being followed, please open the Admin Console URL  -> http://(your ip):8080

Login to admin console with default credentials as admin/admin . It is advisable to change the password after your first login. To change the password, please refer to the documentation Change Password. You can also create more than one admin user under Users & Roles -> Admin Users tab and make sure to give full access to the user. To reset another admin user password refer to Password Reset.

NOTE: Please note that the default in-built user store does not support password reset functionality for AdminConsole. For a proper production deployment, you can integrate with any of your identity stores such as keycloak, Active Directory, etc for better password management policy.

  • After login into the application, click on Settings at the left menu tab.
  • Click on edit File Storage, select a storage type as Oracle  and provide your storage Access Key and Secret Key along with  Storage Region and Namespace 
  • Save it.
  • Go to the next section, edit User Application URL and provide the user application URL as http://(you ip):8081, and save it.
    Note – During production use, a proper domain with HTTPS is required here.
  • Other settings such as email, audit, etc can be configured later and is optional for now. For more detail, refer to Settings

File Sharing using a Form based Authentication

To Share a folder with form based Authentication, please refer to Setup Form based Authentication.

Leave a Comment

Your email address will not be published. Required fields are marked *