Edit com.jeroenwijering.player.Player.as
Change:
token:undefined,
To:
token:"YourSecretToken",
Then in Wowza, in the Properties at the bottom of your Application.xml, match the token:
<Properties>
<!-- Properties defined here will be added to the IApplication.getProperties() and IApplicationInstance.getProperties() collections -->
<Property>
<Name>secureTokenSharedSecret</Name>
<Value>YourSecretToken</Value>
</Property>
</Properties>
Richard
Take a look at StorageDir in the Application.xml. This is where Wowza is looking for the video:
<Streams>
<StreamType>default</StreamType>
<StorageDir>${com.wowza.wms.ConfigHome}/content</StorageDir>
</Streams>
Richard
If SecureToken module is set up on the Wowza app you are connecting to with JW player, you just have to match the tokens. The one in Application.xml and the “token” Flashvar in JW Player
It’s setup already in recent JW player versions. Modify the “token” Flashvar in com.jeroenwijering.player.Player.as, rather than in your html. Look for:
token:undefined,
change to
token:'yourSecretToken',
Richard
I think the instructions at the beginning of this post were written for a previous version of JW Player. All you should have to do is add your token to Player.as. That’s what I do anyway. You don’t have to modify RTMPModel.as for securetoken.
Richard
I downloaded version 4.5, and the instructions at the top of this thread still work, that’s how you should do it.
Richard
Download the MediaSecurity Addon Package here:
http://community.wowza.com/t/-/45
And look at:
package/client/securetoken.fla
package/client/fastplaysecure.fla
Richard
There is another layer you can add that should address this concern: Hotlink denial. This the server-side version;
https://www.wowza.com/forums/showthread.php?t=5239
And this is a client-side version:
if (ExternalInterface.available)
{
var loc:String = ExternalInterface.call("function(){return window.location.href;}");
trace("This player served from: " + loc); // you can do client-side hotlink denial here
}
Richard
I have not had a problem.
Richard
Yes, SecureToken will help prevent downloading of your content. And it will help prevent other players from playing your videos. It is important to use RTMPE protocol.
Hotlinking is another issue, where someone embeds your player on a page in another web site, is sometimes encouraged, but if you don’t want that, this is a solution for that.
https://www.wowza.com/forums/showthread.php?t=5239
Still, these are just measures of security.
Richard
There’s nothing in [wowza-install-dir]/examples ?
Richard
In JW Player 5 RTMPModel.as is now this:
com.longtailvideo.jwplayer.media.RTMPMediaProvider
The instructions will be the same, the line to edit is about line 229:
_connection.call(“secureTokenResponse”, null, TEA.decrypt(evt.info.secureToken, config.token));
Also, JW Player 5 is compiled with Flex.
Richard
I’ve did it with Flex Builder 3. Created a new Actionscript project, copied the JW Player source code to /src, then modified the class file as per #4 in your list:
package {
import com.longtailvideo.jwplayer.player.Player;
public class JW50rc1 extends Player
{
public function JW50rc1()
{
}
}
}
Richard
I will update the post, but that’s not the issue you are having really. You are not able to compile the new version, so new instructions for secure token won’t help. Work on getting the new environment working, then add SecureToken to the new RTMPMediaProvider file as in previous post.
Richard
Also, having Flex Builder makes it very easy:
Richard
Great instructions and I have implimented it with JW’s version 4.1.60 player so it does work just fine.
Just an aside, I’m not sure the version you used is the same as mine. I say that because the secureTokenResponse callback in the RTMPModel I have is located at line 178
I downloaded the source files from http://code.jeroenwijering.com/trac/browser/trunk/as3/com and I suspect yours may have come from the http://www.jeroenwijering.com/?item=JW_FLV_Media_Player page.
Both you and Jeroen have absolutely great products & support.
Regards - Jimb
Yes you can. I have it running here. You MIGHT also want to look at the Secure URL option. Others her may correct me but as I understand it that option insures that a request to access your sever stream is coming from a domain that you authorized. Coupled with secure token you have an extra layer of security.
Regards - Jimb
These issue are fixed in the 4.4.198 version currently available on the JW website. My temporary fix was for 4.4.189
Regards - Jimb
yeah the code in the RTMPModel.as is just different now.
On a side note, does this have any performance hit on the server? More importantly does rtmpe have major performance hits over rtmp?
Thanks for your time,