[ckan-dev] Restricting Access to Private Resources on CKAN

Sajan Ravindran sajanravindran at gmail.com
Thu Jan 30 14:47:13 UTC 2014


Thank you Nigel. Was not aware of this. I will try out the solution
suggested by Steve, otherwise will wait for the release next week and make
the corresponding changes for storage,


On Thu, Jan 30, 2014 at 1:36 AM, Nigel Babu <nigel.babu at okfn.org> wrote:

> We are aware of this problem and this is why the filestore was changed in
> 2.2 (to be released next week). The new filestore checks if the user
> accessing a file is logged in and if they have access. However, it doesn't
> support S3 or Google Cloud anymore because of the implementation change.
>
> Nigel Babu
>
> Developer  |  @nigelbabu <https://twitter.com/nigelbabu>
>
> The Open Knowledge Foundation <http://okfn.org/>
>
> Empowering through Open Knowledge
>
> http://okfn.org/  |  @okfn <http://twitter.com/OKFN>  |  OKF on Facebook<https://www.facebook.com/OKFNetwork> |
> Blog <http://blog.okfn.org/>  |  Newsletter<http://okfn.org/about/newsletter>
>
>  CKAN | http://ckan.org/ | @CKANproject <http://twitter.com/CKANproject> |the world's leading open-source data portal platform
>
>
> On 29 January 2014 23:00, Sajan Ravindran <sajanravindran at gmail.com>wrote:
>
>> Hi,
>>
>> We have currently a setup of CKAN ( 2.1 ) on EC2 and have the filestore
>> installed on S3. Currently, the data which we have is a combination of
>> public and private ( as it needs to be verified ).  We are running into an
>> issue with the private resources.
>>
>> Though access to the private resources is restricted via CKAN, once
>> someone gets access to the S3 url of CKAN's filestore, the resource gets
>> easily downloaded. We are especially concerned about this as this data is
>> unverified. Is there any way by which downloading resources via this URL
>> can be restricted without affected CKAN's functionality?
>>
>> Any help would be greatly appreciated.
>>
>> Thanks,
>> Sajan
>>
>> _______________________________________________
>> ckan-dev mailing list
>> ckan-dev at lists.okfn.org
>> https://lists.okfn.org/mailman/listinfo/ckan-dev
>> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>>
>>
>
> _______________________________________________
> ckan-dev mailing list
> ckan-dev at lists.okfn.org
> https://lists.okfn.org/mailman/listinfo/ckan-dev
> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/ckan-dev/attachments/20140130/f0dd1a31/attachment-0003.html>


More information about the ckan-dev mailing list