I just tried your exact code against the 4.1 source code (I did download the 4.1 zip archive at http://code.jeroenwijering.com/trac/browser/tags) and it worked perfectly. No errors. Not sure what is wrong.
Charlie
You will need to download and install Wowza Pro locally to get all the examples. You can get the most recent security package here:
http://www.wowza.com/community/t/-/45
Charlie
Which player is that?
Charlie
I just download the most recent Replay Media Catch 3.0.1 (with all the new plugins) and SecureToken blocks it for me. The file does show up in the list but it is not populated with any data and in the Wowza Pro logs I can see the Replay Media Catcher connection being blocked:
INFO application app-start definst securetoken/definst
INFO session connect-pending 192.168.1.2 -
INFO server comment - SecureTokenTarget: create:true play:false publish:false
INFO session connect 192.168.1.2 -
INFO stream create - -
INFO session connect-pending 192.168.1.2 -
INFO server comment - SecureTokenTarget: create:true play:false publish:false
INFO session connect 192.168.1.2 -
ERROR server comment - Error: SecureToken: Challenge does not equal response: kill connection
ERROR server comment - Error: SecureToken: Action before response received: kill connection
INFO stream create - -
INFO stream destroy - -
INFO session disconnect 2072201024 -
INFO stream play Extremists -
INFO stream stop Extremists -
INFO stream destroy Extremists -
INFO session disconnect 692588433 -
If you still can’t sort out why it is not protecting your content zip up and send me your conf and logs folders so I can have a look (charlie@wowza.com).
Charlie
Take a look at AllowDomain in the User’s Guide. It is what it is designed to do.
Charlie
Could you please verify how to get the securetoken with the latest version of the JW player (4.1). I tried it with this well written documentation but it didnt work.
Thanks!
- Riki
-
Edit [wowza-pro-install-dir]/conf/securetoken/Application.xml and change the secureTokenSharedSecret property to the new value and restart Wowza Pro
-
Charlie
Where is the securetoken example application found? It is nowhere on my server (1.7.2).
I’m not sure I understand the level of security this provides.
If the secure token shared secret is embedded in the player, then anyone who downloads the modified player.swf file could then play the protected videos.
If that means restricting access to the modified player.swf file, then that also means that to create different access control lists, I would need to have numerous customized player.swf files.
4.1.60 is the latest so far so can I use it to integrate with secure token now?
None of any recorder apps could do the job but I still couldnt prevent anyone to embed player from our page through source. Someone took the html code and embed from our site onto theirs. It seems that SecureToken is not a solution to prevent that way. A guy mentioned about Secure URL so anyone has an idea to secure even I added our domain on a xml file under wms that it shouldnt stream anywhere except a specific domain but still it does.
The above instructions are for the current version. I have not tried them lately but they should work. That being said, I know there was a problem with the initial release of JW Player 4.4 and SecureToken. I suggest you check the JW Player site. They were suppose to have fixed it.
Charlie
Yes, SecureToken works on EC2. I am using it.
There should be this jar file in /usr/local/WowzaMediaServerPro/lib :
wms-plugin-security.jar
Then you have to have Application.xml with Module that references that. See the secureToken example in [wowza-install-dir]/examples/secureToken
I also tested the latest demo version of this software. It listed the swf, then listed the flv I played, but downloaded 0 bytes.
Richard
Edit com.jeroenwijering.player.Player.as
Change:
token:undefined,
To:
token:"YourSecretToken",
Then in Wowza, in the Properties at the bottom of your Application.xml, match the token:
<Properties>
<!-- Properties defined here will be added to the IApplication.getProperties() and IApplicationInstance.getProperties() collections -->
<Property>
<Name>secureTokenSharedSecret</Name>
<Value>YourSecretToken</Value>
</Property>
</Properties>
Richard
Take a look at StorageDir in the Application.xml. This is where Wowza is looking for the video:
<Streams>
<StreamType>default</StreamType>
<StorageDir>${com.wowza.wms.ConfigHome}/content</StorageDir>
</Streams>
Richard
If SecureToken module is set up on the Wowza app you are connecting to with JW player, you just have to match the tokens. The one in Application.xml and the “token” Flashvar in JW Player
It’s setup already in recent JW player versions. Modify the “token” Flashvar in com.jeroenwijering.player.Player.as, rather than in your html. Look for:
token:undefined,
change to
token:'yourSecretToken',
Richard
Yes, do it that way.
Richard
I think the instructions at the beginning of this post were written for a previous version of JW Player. All you should have to do is add your token to Player.as. That’s what I do anyway. You don’t have to modify RTMPModel.as for securetoken.
Richard
