如何在StorageCredentials for Azure表存储上使用SAS？

Question

我对给定表创建一个SAS，使用.NET API：

 var tablePolicy = new SharedAccessTablePolicy() 
     { 
      SharedAccessExpiryTime = DateTime.Now.Add(TimeSpan.FromHours(2)), 
      Permissions = SharedAccessTablePermissions.Query 
     }; 
     var permissions = new TablePermissions(); 

     permissions.SharedAccessPolicies.Add("myPolicy", tablePolicy); 

     var credentials = new StorageCredentials(
      "#my account here#", 
      "#my account secondary key here#"); 
     var tableClient = new CloudTableClient(
      new Uri("https://#my account here#.table.core.windows.net/"), 
      credentials); 
     var logTable = tableClient.GetTableReference("WADLogsTable"); 

     logTable.SetPermissions(permissions); 

     var sas = logTable.GetSharedAccessSignature(tablePolicy, "myPolicy", null, null, null, null); 

然后我抓住这一最后“SAS的变量，并用它来创建证书并执行一个查询：

 var credentials = new StorageCredentials(sas); 
     var tableClient = new CloudTableClient(
      new Uri("#my account URI here#"), 
      credentials); 
     var logTable = tableClient.GetTableReference("WADLogsTable"); 
     var rows = logTable.ExecuteQuery(new TableQuery()).ToArray(); 

然后我收到一个403（禁止）的错误。

我做错了什么？

Answer 1

我相信你会得到这个错误，因为你在创建SAS时同时定义了SharedAccessTablePolicy和Policy Name。所以，如果您使用以下的应工作：

var sas = logTable.GetSharedAccessSignature(tablePolicy, null, null, null, null, null); 

或

var sas = logTable.GetSharedAccessSignature(null, "myPolicy", null, null, null, null);