Authentication method B - Domain Management| Alibaba Cloud Documentation Center

Authentication method B

Edit in Github

Last Updated: Jul 14, 2019 Edit in Github

Principles

Formats of the encrypted URL for user access

* The user access URL is as follows:

http://DomainName/timestamp/md5hash/FileName

Encrypted URL structure: domain name/URL generation time (accurate to minutes) (timestamp)/md5 value (md5hash)/real path of the source server (FileName). The URL validity period is 1,800 s.

When the request passes the authentication, the back-to-source URL is as follows.

http://DomainName/FileName

Authentication fields

Note: PrivateKey is set by CDN clients.
* Validity period of 1,800 seconds: The user fails the authentication if attempting to access the client source server 1,800 seconds (specified in the Timestamp field) later than the preset access time. For example, if the preset access time is 15:00:00 on August 15, 2020, the link expires at 15:30:00 on the same day.


Field	Description
DomainName	CDN client domain name.
timestamp	Resource failure time, as part of the URL and as a factor in the calculation of `md5hash` , is formatted: `YYYYMMDDHHMM` , effective time 1800 s
md5hash	//md5hash: The "timestamp", "FileName", and preset "PrivateKey" are used in the MD5 algorithm to get this string, i.e., (`PrivateKey` + `timestamp` + `FileName`)"
FileName	The actual URL of the origin access. Note that FileName must start with a slash (/) in authentication.

Example

Back-to-source request object.

http://cdn.example.com/4/44/44c0909bcfc20a01afaf256ca99a8b8b.mp3

The key is set to aliyuncdnexp1234 (user-defined).
The time for the user to access the client source server is 201508150800 (format: YYYYMMDDHHMM).
The CDN server constructs a signature string used to calculate the "md5hash":
```
aliyuncdnexp1234201508150800/4/44/44c0909bcfc20a01afaf256ca99a8b8b.mp3
```

The CDN server calculates the "md5hash" according to the signature string:

md5hash = md5sum("aliyuncdnexp1234201508150800/4/44/44c0909bcfc20a01afaf256ca99a8b8b.mp3") = 9044548ef1527deadafa49a890a377f0

The URL to request CDN:
```
http://cdn.example.com/201508150800/9044548ef1527deadafa49a890a377f0/4/44/44c0909bcfc20a01afaf256ca99a8b8b.mp3
```
The calculated "md5hash" is the same as the "md5hash = 9044548ef1527deadafa49a890a377f0" value in the user request, so the request passes authentication