MediaSecurity AddOn Package (SecureToken, RTMP & RTSP Authentication and more)

Wowza Developer Dojo
81

Thanks for your reply :slight_smile:

Unfortunately the suggested connection string is not working as well (same error as before). I also tried:

/auth/_definst_/first?doPublish=54321&doConnect=12345

but with the same result.

The doConnect property is in use because i dont want others (some funny guy on the web or so) to connect with it. I`m not sure, but i could imagine that the “real publisher” can’t connect if a “fake publisher” is connecting with the application. Can you verify this?

The missing left angle brackets were missing due to an user error (read: sloppy copy/paste) :wink:

82

Next, i took out the doConnect property;

And even then i got the same error. I`m starting to wonder if this is going to work with ffmpeg?

83

I did restart Wowza, but i think the log is a little different than before.

2010-08-17      15:20:11        CEST    connect-pending session INFO    100     wowzaip    -       _defaultVHost_  auth    _definst_       0.03    [any]1935     rtmp://wowzaip:1935/auth  wowzaip    rtmp    -       FMLE/3.0 (compatible; Lavf52.78.0)      1471110005      3235    3073    -    --       -       -       -       -       -       -       -       -       -       -       rtmp://wowzaip:1935/auth  -
2010-08-17      15:20:11        CEST    connect session INFO    200     wowzaip    -       _defaultVHost_  auth    _definst_       0.031   [any]   1935 rtmp://wowzaip:1935/auth   wowzaip    rtmp    -       FMLE/3.0 (compatible; Lavf52.78.0)      1471110005      3235    3073    -       -    --       -       -       -       -       -       -       -       -       -       rtmp://wowzaip:1935/auth  -
2010-08-17      15:20:11        CEST    comment server  INFO    200     -       SecureURLParams.releaseStream: rejected -       -       -       32.321  -    --       -       -       -       -       -       -       -       -       -       -       -       -       -       -       -       -       -       -       -    --       -
2010-08-17      15:20:11        CEST    create  stream  INFO    200     -       -       _defaultVHost_  auth    _definst_       0.0010  [any]   1935    rtmp://wowzaip:1935/auth        wowzaip    rtmp    -       FMLE/3.0 (compatible; Lavf52.78.0)      1471110005      3396    3411    1       0    00       -       -       -       -       -       -       rtmp://wowzaip:1935/auth  rtmp://wowzaip:1935/auth  -       rtmp://wowzaip:1935/auth        -
2010-08-17      15:20:11        CEST    destroy stream  INFO    200     -       -       _defaultVHost_  auth    _definst_       0.016   [any]   1935    rtmp://wowzaip:1935/auth        wowzaip    rtmp    -       FMLE/3.0 (compatible; Lavf52.78.0)      1471110005      3396    3452    1       0    00       -       -       -       -       -       -       rtmp://wowzaip:1935/auth  rtmp://wowzaip:1935/auth  -       rtmp://wowzaip:1935/auth        -
2010-08-17      15:20:11        CEST    disconnect      session INFO    200     1471110005      -       _defaultVHost_  auth    _definst_       0.091   [any]1935     rtmp://wowzaip:1935/auth  wowzaip    rtmp    -       FMLE/3.0 (compatible; Lavf52.78.0)      1471110005      3396    3452    -    --       -       -       -       -       -       -       -       -       -       -       rtmp://wowzaip:1935/auth  -

Notice the “releaseStream” part. What does it mean?

84

Try removing ModuleSecureURLParams, restart Wowza, and see if it works without security.

Richard

It works without ModuleSecureURLParams, that was the first step :wink: :slight_smile:

And if i build a new application and test it with FFMPEG, just to be sure, then it also works fine :slight_smile:

85

rrlanham;

I still can’t connect using:

ffmpeg -i /dev/video0 [non-important params] rtmp://wowzaip:1935/auth/first?doPublish=54321&doConnect=12345

Is there a way to give the authenticate for publishing first, and then giving the ffmpeg commandline in a shell script? (linux)

Im trying to stream with ffmpeg in linux, with the use of the "doPublish" and "doConnect" tokens, but i can't get the part with the tokens to work. So im searching for another way to get this working.

86

hey, I am using the actionscripts to do the videorecording and try to connect to wowza server, the requireSecureConnection is enabled in server. There is no any problem to connect by flash media encoder, which just asks input username and password. But when I try to use my own action script to connect, then error is occurred, The error message on server is below:

################################

INFO server comment - ModuleRTMPAuthenticate.onConnect: rejectConnection: clientId:652675388

INFO session connect xx.xx.xx.xx -

INFO session disconnect 652675388 -

#####################################

The error msg from client is:

####################################

Connection failed: Application rejected connection.

####################################

I have tried every method, added the username and password in nc.connect(url, username, password). but it still doesn’t work. can anyone help me sort it out? Thanks.

I am using flex builder 3 to compile the action scripts

87

My first post, so Hello and thank you for great job!

Where I can find source of mediasecurity? I need make some modifacation in RTMP authentication module.

First I need to take username and password from Mysql, not from text file.

Second, I want to compare username with stream name, to check that user is authenticated to publish with this stream name.

Sorry for my english.

88

Is there a way to do authentication based on the streamname for example something like this

rtmpEncoderAuthenticateFile

${com.wowza.wms.context.VHostConfigHome}/conf/${com.wowza.wms.context.Application}/${com.wowza.wms.context.StreamName}.password

(obviously “com.wowza.wms.context.StreamName” doesn’t work)

Kingsley

89

thanks, ill check them out and try to work on something from there.

90

Hi i installed the package but now fmle cannot connect to wowza app. securestreaming is disconnecting it. is there a way to set it for playback only and not for publish?

91

well i was hoping to secure connection for flash player to server communication with secure token and secure streaming using rtmpe on live stream but flash encoder 3 cannot connect using rtmpe and using rtmp the server drops its connection. is there a way to use rtmpe and secure token for flash player only and not have that requirement for the encoder. my apologies for not being clear the first time. RTMPauth is working fine so don’t need to remove it. just wondering if there is a way for flash encoder live 3 to connect while using secure streaming module

92

i installed ModuleRequireSecureConnection

ModuleRequireSecureConnection

ModuleRequireSecureConnection

com.wowza.wms.plugin.security.ModuleRequireSecureConnection

From what i read in the guide this will allow me to use rtmpe in jw flash player. The problem is when i try to stream live to wowza using FMS i enter rtmp url but i cant stream. the module require secure connection will disconnect fms. i was wonder if there is anyway to have ModuleRequireSecureConnection allow FME to stream to server

93

Thanks for taking the time to help me :slight_smile:

94

The new file works now i just need to figure out how to send secure token via FMS. ModuleSecureToken is disconnecting me now all the posts refer to configuring secureurlparms but i didnt see that in the guide so i’m guess its old news. Can someone please let me know how to connect to wowza using FME with a secure token. Thank you

95

Thanks everything is working now :slight_smile:

96

A jar file might have any number of Classes inside, the name is not going to indicate what those are.

You don’t need ModuleSecureToken because you already have the ModuleRTMPAuthentication, which includes SecureToken.

Refer to the ModuleRTMPAuthentication section of Security Addon guide.

Richard

Where is the “Security Addon guide”. I need more details about the security components and their implementation.

97

Hi,

Is it possible to use different authentication methods for play and publish?

SecureToken functionality is already implemented in our flash player, but i cannot use RTMPAuthentication module with Digital Rapids 3.2.0 (and cant use DR 3.3.0 because of existing bug in this version).

I currently use SecureURLParams module which is a part of MediaSecurity AddOn but in this case i dont have play method security.

For the moment it will be ok to use SecureURLParams for publish and SecureToken for play, but Wowza rejects Digital Rapids on connection attempt.

I tried to set to “none” but nothing changes.

98

You didn’t understand me :slight_smile:

I had to downgrade Digital Rapids from 3.3.0 to 3.2.0 because of bug which is not related to broadcasting to Wowza.

Additional there is something wrong with FCPublish between Digital Rapids and Wowza (i dont know what software causes this) - each encode session takes exactly 18 seconds from connect to publish.

So for i just want to use different auth methods for play and publish.

Is it possible ?

99

The problem is when i use SecureToken with client, publisher (Digital Rapids) cant connect using SecureURLParams.

So i’m asking is there a way to disable RTMPAuthenticate/SecureToken for publisher but enable SecureURLParams ?

100

Thanx, it works.