【问题标题】:How can I use tenant id, client id and client secret to connect to and manage directories and files in Azure Data Lake Storage Gen2?如何使用租户 ID、客户端 ID 和客户端密码连接和管理 Azure Data Lake Storage Gen2 中的目录和文件?
【发布时间】:2021-03-03 18:33:58
【问题描述】:

我想在 azure blob storage gen2 中上传文件。但问题是无法使用租户 ID、客户端 ID 和客户端密码进行连接。我指的是文档->https://docs.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-directory-file-acl-java#upload-a-file-to-a-directory中给出的Java代码。

static public DataLakeServiceClient GetDataLakeServiceClient
    (String accountName, String clientId, String ClientSecret, String tenantID){

    String endpoint = "https://" + accountName + ".dfs.core.windows.net";
        
    ClientSecretCredential clientSecretCredential = new ClientSecretCredentialBuilder()
    .clientId(clientId)
    .clientSecret(ClientSecret)
    .tenantId(tenantID)
    .build();
           
    DataLakeServiceClientBuilder builder = new DataLakeServiceClientBuilder();
    return builder.credential(clientSecretCredential).endpoint(endpoint).buildClient();
 }

但在上述代码的最后一行出现端点错误。

来自邮递员:

URI http://localhost:8081/upload/
Request param : <file to be uploaded>

"error": "Internal Server Error",
"message": "java.lang.NoClassDefFoundError: com/azure/core/implementation/util/ImplUtils"

【问题讨论】:

  • 由于 SAS 令牌错误来自 DataLakeServiceClientBuilder::endpoint() 似乎有些问题,但不知道为什么!!!

标签: java azure spring-boot azure-storage


【解决方案1】:

如果要访问 Azure 数据湖 gen2 vai Azure AD 身份验证,我们需要为 sp 或用户分配一个特殊的 Azure RABC 角色(Storage Blob Data OwnerStorage Blob Data ContributorStorage Blob Data Reader)。更多详情请参考here

例如

  1. 创建服务主体并将 Storage Blob Data Contributor 分配给存储帐户级别的 sp
az login
az ad sp create-for-rbac -n "MyApp" --role 'Storage Blob Data Contributor' \
    --scopes /subscriptions/<subscription>/resourceGroups/<resource-group>/providers/Microsoft.Storage/storageAccounts/<storage-account>
  1. 代码(下载文件)
String clientId="<sp appId>";
        String ClientSecret="<sp password>";
        String tenantID="";
        ClientSecretCredential clientSecretCredential = new ClientSecretCredentialBuilder()
                .clientId(clientId)
                .clientSecret(ClientSecret)
                .tenantId(tenantID)
                .build();
        String accountName="";
        DataLakeServiceClient serviceClient  = new DataLakeServiceClientBuilder()
                 .credential(clientSecretCredential)
                 .endpoint("https://" + accountName + ".dfs.core.windows.net")
                .buildClient();

        DataLakeFileSystemClient fileSystemClient =serviceClient.getFileSystemClient("test");
        DataLakeFileClient fileClient = fileSystemClient.getFileClient("test.txt");
        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
        fileClient.read(outputStream);
        byte[] data =outputStream.toByteArray();
        System.out.println("The file content : "+new String(data));

【讨论】:

猜你喜欢
  • 2020-01-09
  • 2018-04-25
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2017-10-18
  • 2018-06-05
  • 1970-01-01
  • 1970-01-01
相关资源
最近更新 更多