• How to secure publishing from an RTMP encoder that does not support authentication (ModuleSecureURLParams)

    This article describes how to use the ModuleSecureURLParams module as an alternative to the ModuleRTMPAuthenticate module in Wowza Media Server™ 3.5 if your encoder does not support username/password authentication.

    Note: The modules described in this article are built-in with Wowza Media Server 3.5. If you're sing an earlier version of Wowza Media Server, you must download the MediaSecurity Addon package to get the modules. Download and unzip the MediaSecurity Addon package, copy the wms-plugin-security.jar file from the package /lib folder to the Wowza Media Server /lib folder, and then restart Wowza Media Server.

    Note: You can't use ModuleSecureURLParams and ModuleRTMPAuthenticate at the same time.


    The steps to create an application named "live" are:

    1. Create the folder [install-dir]/applications/live.

    2. Create the folder [install-dir]/conf/live and copy [install-dir]/conf/Application.xml to this new folder.

    3. Open the newly copied Application.xml file in a text editor and change the Streams/StreamType value to live.

    4. In Application.xml, add the following <Module> definition as the last entry in the <Modules> list:
      Note: If yyou're nning Wowza Media Server 3.1.2 or earlier, add the following <Module> definition as the last entry in the <Modules> list instead:
    5. To protect publishing, add the following property to the application-level properties at the bottom of the Application.xml file (be sure to get the correct <Properties> container - there are several in the file).
      Now you must use an RTMP connection in your encoder. For example:

    Now you must use the RTMPE (rtmpe://) or RTMPS (rtmps://) protocol to play all content.

    Originally Published: 02-19-2011.
    Updated: For Wowza Media Server 3.5.0 on 11-28-2012.

    If you're having problems or want to discuss this article, post in our forum.