Skip to main content
C
c_piper
Participant
January 9, 2007
Question

publishing stream security

  • January 9, 2007
  • 2 replies
  • 344 views
we use on2 flix live to publish live stream. but it seems that all users that have information about our server can publish stream to it. sure we dont want this.

how can we limit publishing only for some IPs? Does FMS have some security properties to restrict publishing?
    This topic has been closed for replies.

    2 replies

    A
    Anonymous
    January 12, 2007
    FMS gives users that are allowed in an application or an application-instance all rights to publish a live stream. Even if on2 flix had some way to pass arguments with it's connection to your server then your end-users still are able to connect to your FMS-app and start publishing their own streams.

    Afaik it is not possible to use normal server-sided scripting to disallow a user from publishing a stream. Only when users want to publish a stream that they want to record on your FMS they need to know where they are allowed to "upload" that stream. (You could define 'writeAccess' paths for clients). This doesn't help you any bit further however.

    The only way to secure your FMS is either by having your clients/endusers login to your FMS so you can check if they are valid users that want to view your stream or build a pretty complex watchdog management-application that checks all streams on the server and removes streams and unloads instances that aren't "yours". Have a look inside [flashmediaserver_mgmt_asd.pdf] (docs of FMS2) and function [getLiveStreams()] ; if you see any streams there you could disconnect them using [unloadApp()] and/or remember the IP of the illegale live-stream-publisher and ban him by saving his IP in a database.

    When you check that database for banned IP's next time he tries to connect to your FMS you could deny him access to your FMS. (execute a loadvars function in the onConnect event before you give users access using acceptConnection)

    Yes this is a complex workaround/solution for a simple problem.

    If other developers might have a different opinion about this I'd like to discuss that in this thread, maybe I've overlooked some options.
    C
    c_piperAuthor
    Participant
    January 12, 2007
    yes. this is problem what i try to understand and to resolve. i havent solutions for that situation either.
    it is strange for so big product not to have so simple security
    A
    Anonymous
    January 10, 2007
    You have to build a security mechanism yourself with server-sided code on your FMS. In short you want to check a login and/or password for connecting clients and do a lookup in a database to verify if they have the right to connect.

    FMS cannot access a database direct ; you have to call an external script (CFM, PHP, ASP, Perl, anything) using good old LoadVars or XML.load. This all happens on your server, in serversided actionscript. You can let your FMS connect to another webserver, or run a webserver on the same physical machine, that is up to you.

    C
    c_piperAuthor
    Participant
    January 11, 2007
    thank you for answer! but o2 flix live is proprietary program, so we cant change the way how it connects with FMS. so i think that we can only check IP.
    and i have another abstract problem. how can i restrict publishing but not restrict reading this stream? as i can understand fms do not distinguish sender and receiver of stream... may be i cant understand some basics?
    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices