Wowza Community

Live stream - Check if user is member of an Active directory group

Hello!

I’d like to permit live view via our wowza server only with a certain user that are member of a specific group on our AD.

The player is embedded in a flash container (like flowplayer) on our intranet webpage.

The wowza is capable to check if a user, connected at our AD, is a member of a specific group enabled to see live stream?

Is like a single signon …

best regards

Marco

The URL requests that Wowza receives do not have a mechanism for doing Kerberos/Windows client logon. You can set RTSP to basic or digest authentication which does HTTP MD5 encrypted authentication with login pairs specified in a .password text file in your /conf/app directory, but this also does not interface with Windows authentication.

So, short answer is no. However, you can build a custom module to receive an authentication string via some method and check these against your AD authentication on the server, and then either allow or deny playback.

Another method might be to setup your webserver (IIS or Apache with an LDAP module) to do authentication to your webpage that exposes the stream URLs. Then use an encrypted URLParam or Securetoken, to verify actual clients, after they’ve been authenticated.

Securetoken: https://www.wowza.com/docs/how-to-add-securetoken-protection-to-jw-player

URLParams: https://www.wowza.com/docs/how-to-secure-publishing-from-an-rtmp-encoder-that-does-not-support-authentication-modulesecureurlparams