Jump to content
  • 1

Ant Media Server security setup


Roberto Santana
 Share

Question

  • Answers 10
  • Created
  • Last Reply

Top Posters For This Question

Top Posters For This Question

Posted Images

10 answers to this question

Recommended Posts

  • 1

Hi again @Yash

I've been reading the docs, and I think that Time-based-One-Time-Password-(TOTP) can be valid for my case.

I can create a stream subscriber (player) and then get the "subscriber-stats." Then with the "timestamps" of "connectionEvents" returned, I can calculate the time used by the payer to allow or deny access from my backend. 

I've been trying to test it from Postman, some of the operations work great, but others don't.

The first suspicious thing is that when I create the subscriber, the response is this:

{
    "success": true,
    "message": null,
    "dataId": null,
    "errorId": 0
}

"message" and "dataId" values should not be different from null?

Then I use the page https://totp.danhersam.com/ to generate the TOTP Token.

After that, I try to play the stream on my browser, but the docs example doesn't include the id of the stream, so the player alerts:

No stream specified. Please add ?id={STREAM_ID} to the url

I get this message if I include it, but the stream is live...

Stream will start playing automatically when it is live

Any idea of what could be happening?

Best regards

Link to comment
Share on other sites

  • 1

Hi @Roberto Santana,
Thanks for your feedback.

I have 2 comments:

1. Please make sure the token period is the same for Ant Media Server (settings.timeTokenPeriod=60 as default) and the site you generate token.

2. If you only need to restrict user for some time interval you also consider using JWT filter which lets you set an expiration time. Please check
https://github.com/ant-media/Ant-Media-Server/wiki/Stream-Security-Documentation#generate-jwt-token-with-expiration-time
 

Link to comment
Share on other sites

  • 0

Hi @Yash

In my system, there are a lot of time-checks for the users to watch the streams:

  1. I can control some days of the week/year for the users to avoid connecting.
  2. I can control the hours that the user can connect. For example, a user can connect to a stream only from 9 am to 10 am and 4 pm to 5 pm.
  3. And finally, the most complicated check is to control the time. For example, a user can connect only 10 minutes a day.

Points 1 and 2 are easy to implement. There is no problem with that.

In my current system, the streaming software checks against my backend every x seconds the time consumed by the user; I would like to implement something similar with Ant Media. Is that possible?

Please tell me if you understand.

Best regards

Link to comment
Share on other sites

  • 0

Thanks @Burak for your comments.

@Roberto Santana
1. We have updated the document, please check and let us know if any other step is missing.

2. settings.timeTokenPeriod=60, this property is by default 60 as my colleague Burak mentioned in server side but you can also change it if required by editing /usr/local/antmedia/webapps/app-name/WEB-INF/red5-web.properties file.

3. Regarding WebRTC playback in play.html, it is a known issue in latest version as you can check here but there is quick fix by the developer. To make it working you need to edit the play.html in /usr/local/antmedia/webapps/app-name/ folder and change the Line 621 like below 

webRTCAdaptor.play(streamId, token, "",[] ,subscriberId, subscriberCode);

Regards,
Yash

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share


×
×
  • Create New...