我想使用亚马逊S3 / CloudFront的保存的Flash文件。这些文件必须是私有的，因为他们将通过成员访问。这将通过保存每个文件使用MySQL数据库链接到亚马逊来完成。我的问题是这样的...谁有权访问大量的Flash文件和内容，可以简单地找出URL，然后使用地址栏浏览到它，并与其他成员分享这方面的一个高级别成员。由于他们是使用HTTP协议双方，这是否意味着我不能prevent呢？

I want to use Amazon S3/CloudFront to store flash files. These files must be private as they will be accessed by members. This will be done by storing each file with a link to Amazon using a mysql database. My problem is this... A high level member who has access to lots of flash files and content can simply find out the URL and then browse to it using the address bar, and share this with other members. As they are both using the http protocol, does this mean I can't prevent this?

我想过htaccess，但作为亚马逊自己的服务器我不知道。我看着访问控制文件，但它是一个有点不清楚。

I thought about htaccess but as its Amazon's own server I'm not sure. I looked at the Access Control documentation but it was a bit unclear.

此外，而我在这里没有人知道从显示在Firefox的工具>页面信息>媒体停止了对闪存介质工作方法？我看到这里后约一个虚拟的装载机，但他们没有工作的人士指出，因为你可以下载和更改文件扩展名。有网站在那里，做到这一点，但我wan't，以避免昂贵的软件许可等。

Also while im here does anyone know a working method for stopping the flash media from showing up in the firefox Tools > Page Info > Media? I saw a post on here about a dummy loader but they don't work as pointed out because you can just download and change the file extension. There are sites out there that do it but I wan't to avoid expensive software licences etc.

抱歉，多数民众赞成这样冗长的:) 非常感谢！

Sorry thats so lengthy :) Big thanks!

推荐答案

您可以维护ACL中最终并就S3私人所有文件。检查是否有特定的部件能够得到某种​​文件，如果是，则产生用于该特定文件的标识的URL（可以设置链路的期满时间），在应用端和给用户。

You can maintain ACL at your end and make every file on S3 private. Check if a particular member has access to some file, if yes then generate the signed URL for that particular file(you can set the expiry time of the link) at application end and give to user.