Hi You may not want to use the BlobStore if any form of access control is required. Whilst the url's of the entities in the Blobstore are not guessable, once someone has the url you have no way of preventing them or someone else getting the entity in the future as there is no form of permission/restriction on accessing the resource.
The only way of restricting access once someone has the url is by deleting the entity from the BlobStore. Maybe in the future some sort of access control like S3 has might be introduced. Rgds Tim -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
