question

AkashKadia-9275 avatar image
0 Votes"
AkashKadia-9275 asked AkashKadia-9275 commented

How can I add Conditional CDN Authentication in Verizon CDN Rules ?

I have setup CDN auth for all Request on Azure Storage.
There are some public blob container for which I do not want to apply CDN auth but I want to use CDN url for them.

I have tried with match condition as following



135765-2021-09-28-10h54-31.png



as rules added below I want to apply CDN auth only for files from
xyz and xy-xyz folder.

 <match.url.url-path.wildcard result="match" value="*/xyz/* */xy-xyz/*" ignore-case="true" relative-to="root" encoded="true">
                 <feature.access.token-auth enabled="true"/>
             </match.url.url-path.wildcard>
             <match.always>
                 <feature.url.url-rewrite source="/xxxxxxxx/mycdn/(.*.\w+)" destination="/xxxxxxxx/mycdn/$1&SASToken"/>
                 <feature.headers.modify-client-response-header action="append" name="Content-Disposition" value="inline"/>
             </match.always>



but when I try to get file from other folders without authtoken
Ex.

https://staging.wpc.xxxxxx.alphacdn.net/XXXXXX/mycdn/abc-xy/public_container_file.mp4


it returns 404

Error>
<Code>BlobNotFound</Code>
<Message>The specified blob does not exist. RequestId:5fd1e0d9-701e-009a-5928-b43658000000 Time:2021-09-28T05:22:49.0857827Z</Message>
</Error>

but when I try with cdn token

https://staging.wpc.xxxxxx.alphacdn.net/XXXXXX/mycdn/abc-xy/public_container_file.mp4?CDNAuth

it works

I want only private container xyz and xy-xyz should be validated for CDNAuth not others

mycdn/abc-xy is public container and do not required SAS token so I want it to access without CDN auth token




azure-cdn
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

suvasara-MSFT avatar image
0 Votes"
suvasara-MSFT answered AkashKadia-9275 commented

@AkashKadia-9275, Apologies for the delay in response. Like Azure-CDN you cannot add specific rules to each endpoint. The rule is applied on the top of all endpoints. But I see your requirement should be achievable by just toggling yes/no option on token auth with independent conditional expressions. Could you please verify this from your side?

137811-image.png



Note: A successful match will prevent further processing within the current "select first match" section. However, this will not prevent the request from being processed by match conditions defined outside of this section.

Please do let us know if this doesn't work in your case for further troubleshooting.


image.png (95.9 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Sure I will try this and let you know if worked or not

Thanks

0 Votes 0 ·

Hi,

I have applied rule like following

138082-rule-4.png

I want to apply cdn auth only for path containing /abc/
not for /xyz/

but if i try with https://mycdn.net/xyz/myfile.mp4 it give me following error

<Error>
<Code>BlobNotFound</Code>
<Message>The specified blob does not exist. RequestId:a5218f40-201e-004e-7d83-ba7f78000000 Time:2021-10-06T07:28:17.7584031Z</Message>
</Error>

with token it works.

not sure what to specify for file containing path based authentication

can you suggest anything



0 Votes 0 ·
rule-4.png (67.9 KiB)