Integrate Wowza Streaming Engine user authentication with external systems using a Wowza Streaming Engine Java module

In Wowza Streaming Engine™ media server software, use AuthenticateUsernamePasswordProviderBase with the ModuleCoreSecurity module to intercept requests for username/password so that you can use a database instead of a password file to authenticate encoders.

  1. Open [install-dir]/conf/[application]/Application.xml in a text editor and add the following <Module> definition as the last entry in the <Modules> list:
    <Module>
    	<Name>ModuleCoreSecurity</Name>
    	<Description>Core Security Module for Applications</Description>
    	<Class>com.wowza.wms.security.ModuleCoreSecurity</Class>
    </Module>
  2. Download the JDBC driver for MySQL, and then copy the appropriate MySQL JDBC .jar file to the Wowza Streaming Engine /lib folder.
     
  3. Use the Wowza IDE to build the following code:
    package com.wowza.wms.example.authenticate;
    
    import com.wowza.wms.authentication.*;
    import com.wowza.wms.logging.WMSLoggerFactory;
    import java.sql.*;
    
    public class AuthenticateUsernamePasswordProviderExample extends AuthenticateUsernamePasswordProviderBase
    {
    	public String getPassword(String username)
    	{
    		// return password for given username
    		String pwd = null;
    
    		WMSLoggerFactory.getLogger(null).info("Authenticate getPassword username: " + username);
    
    		Connection conn = null;
    		try
    		{
    			conn = DriverManager.getConnection("jdbc:mysql://localhost/wowza?user=root&password=mypassword");
    
    			Statement stmt = null;
    			ResultSet rs = null;
    
    			try
    			{
    				stmt = conn.createStatement();
    				rs = stmt.executeQuery("SELECT pwd FROM users where username = '"+username+"'");
    				while (rs.next())
    				{
    					pwd = rs.getString("pwd");
    				}
    
    			}
    			catch (SQLException sqlEx)
    			{
    				WMSLoggerFactory.getLogger(null).error("sqlexecuteException: " + sqlEx.toString());
    			}
    			finally
    			{
    				if (rs != null)
    				{
    					try
    					{
    						rs.close();
    					}
    					catch (SQLException sqlEx) 
    					{
    
    						rs = null;
    					}
    				}
    
    				if (stmt != null)
    				{
    					try
    					{
    						stmt.close();
    					}
    					catch (SQLException sqlEx)
    					{
    						stmt = null;
    					}
    				}
    			}
    
    			conn.close();
    		}
    		catch (SQLException ex)
    		{
    			// handle any errors
    			System.out.println("SQLException: " + ex.getMessage());
    			System.out.println("SQLState: " + ex.getSQLState());
    			System.out.println("VendorError: " + ex.getErrorCode());
    		}
    
    		return pwd;
    	}
    
    	public boolean userExists(String username)
    	{
    		// return true is user exists
    		return false;
    	}
    }
  4. To intercept RTMP authentication, add the following property to the <Properties> container at the bottom of [install-dir]/conf/[application]/Application.xml (be sure to add the property to the correct <Properties> container; there are several in Application.xml).
<Property>
	<Name>securityPublishUsernamePasswordProviderClass</Name>
	<Value>com.wowza.wms.example.authenticate.AuthenticateUsernamePasswordProviderExample</Value>
</Property>
 
  1. To intercept RTP authentication, add the securityPublishUsernamePasswordProviderClass property to [install-dir]/conf/Authentication.xml /Digest Properties list (or to the /Basic Properties list if you're using basic authentication):
<Method>
	<Name>digest</Name>
	<Description>Digest Authentication</Description>
	<Class>com.wowza.wms.authentication.AuthenticateDigest</Class>
	<Properties>
		<Property>
			<Name>passwordFile</Name
			<Value>${com.wowza.wms.context.VHostConfigHome}/conf/publish.password</Value>
		</Property>
		<Property>
			<Name>realm</Name>
			<Value>Streaming Server</Value>
		</Property>
		<Property>
			<Name>securityPublishUsernamePasswordProviderClass</Name>
			<Value>com.wowza.wms.example.authenticate.AuthenticateUsernamePasswordProviderExample</Value>
		</Property>
	</Properties>
</Method>
 
  1. Restart Wowza Streaming Engine.