How to share Azure Blob storage with external users using password protection
Sharing an ‘Azure Blob storage’ with external users may come as a need for business purposes. In this blog, we will discuss how to share a specific file or folder of the Azure Blob container to an external user and set Form based authentication with username and password using NirvaShare. The steps or process remains the same for both Azure Blob and Azure File Shares – storage types.
Azure access keys
Before you could begin to configure NirvaShare, it is essential to get the access keys.
- To generate access keys, select your storage account from your Azure Portal.
- Within the storage account, click on Access Keys tab as shown below.
- Make a note of the connection string, this is required while configuring storage in Admin Console of NirvaShare.
With the installation being ready and having connection string, the next step is to configure NirvaShare to point to your Azure Blob and share file/folder using a Form-based authentication.
Assuming, deployment was successful, please open the Admin Console URL -> http://(your ip):8080
Login to admin console with default credentials as admin/admin . It is advisable to change the password after your first login. To change the password, please refer to the documentation Change Password. You can also create more than one administrative user under Users & Roles tab. Make sure you give given full access to the new user, so to reset another admin user password. To reset forgotten password refer to Password Reset.
NOTE: Please note that the default in-built user store does not support password reset functionality for AdminConsole. For a proper production deployment, you can integrate with any of your identity stores such as keycloak, Active Directory, etc for better password management policy and SSO.
- After login into the application, click on Settings at the left menu tab.
- Click on edit File Storage, select a storage type as Azure Blob and provide your storage connection string.
- Save it.
- Go to the next section, edit User Application URL and provide the user application URL as http://(instance ip):8081, and save it.
Note – During production use, a proper domain with HTTPS is required here.
- Other settings such as email, audit, etc can be configured later and is optional for now. For more detail, refer to Settings