Azure CDN Token with Verizon Premium

I have configured a token and following are the settings at the Verizon Premium token config for the token generation.

My CDN is pointing to static files on storage account. But apart from home page rest all pages are giving 403 error. I have '/' on the ec_url_allow. I am unable to solve this problem any idea?

enter image description here

1

1 Answer

• You are getting this 403 error for all the other pages other than the home page because though ‘/’ is allowed in the ‘ec_url_allow’ section in the token configuration section, you will have to define the correct paths in the rule’s engine, enable the token authentication feature and enable the additional token authentication related capabilities.

For the above purpose, you will have to create a rule set to define the asset or path for which you want to apply token authentication with the condition ‘if the URL Path Directory Matches value equals to <directory path>, then the token authentication will take place and be enabled’. To do the same as discussed above, kindly follow the below documentation: -

• Also, you will need to ensure that the value given in the ‘ec_url_allow’ is a comma-separated list of page URLs that will be allowed access with the given token. This field can be used to restrict token auth strings to individual files, preventing a token auth string from being reused with a different file inside the same directory. The requested URL will first have any leading "protocol://hostname.com" stripped. The resulting URL will then be tested against each item in the "ec_url_allow" list. If any "ec_url_allow" item matches the URL, or matches the initial characters of the URL, then access is allowed. If the URL does not match any of the "ec_url_allow" items, then access is denied. Thus, the allowed ‘ec_url_allow’ list should be as follows: -

 ALLOWED: ALLOWED: ALLOWED: ALLOWED: ’ 

As a result, the ‘custom name’ option defined in the ‘Name’ option only contains valid URL characters that defines the name of the query string parameter where Token-Based Authentication will expect a token value. Hence, as per in the example below, the custom name should be specified post enabling the token authentication parameter: -

 

Thus, you should enable the rule and configure it accordingly to allow the custom path name in it to be able to access the files inherent in that path and avoid the ‘403’ error.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like