Wowza Community

Authentication with an external service (full proxy)

Hi.

I need to implement an external authentication method via http-service.

I know of a case https://www.wowza.com/docs/how-to-integrate-wowza-user-authentication-with-external-authentication-systems-modulertmpauthenticate

but AuthenticateUsernamePasswordProviderBase is not what I need.

I think I need smth like AuthenticateDigest extension.

I want to pass username and password through http(s) and wait response, such as success/failure. I do not want to request password from the server.

At the moment, I need to authenticate users to publish rtmp-stream.

But universal solution is welcomed

Are you using ModuleRTMPAuthenticate, and are the encoders RTMP live encoders that support RTMP authentication?

If so, then AuthenticateUsernamePasswordProviderBase is what you need. The example demonstrates using a database for authentication; you will replace that with your method.

Otherwise, what encoder(s) are you using? What method are you using for authentication now?

Richard

In that case start with this:

https://www.wowza.com/docs/how-to-do-user-authentication-for-flash-rtmp-client-using-jdbc-connection-to-mysql-database

Richard

Is the user in an authenticated HTTP session before the Flash client is served? If you already authenticated the user, and you could consider using hashed tokens instead. The idea here is that the application server generates a hash and passes it into the flash/flex application via flashvars, and Wowza decodes that hash to validate it.

That way, rather than having to pass user credentials around and needing Wowza to make an HTTPS request for every connection, you could simply pass the generated hash from the flash client to wowza, and let the wowza application validate the hash internally.

I use the flash-based video chat application with RTMP login/password authentication.

Passwords are generated dynamically. I want to pass login and password (from RTMP authentication request) to my backend server and get response, whether the user is authenticated or not.

I can not request a password from the database, I need to ask for the final result of authentication.

I will try to describe the problem in detail.

We create a video chat service.

Some clients may take some streams.

Some clients may publish their own stream and take some others.

To check the permissions of a user action, we need to process user credentials with our business logic and make a decision: if the current user is currently available:

  • to view the requested stream,

  • to publish the requested stream.

For user authentication, we use a token which represents it’s current state. This token is compared (on the authentication server level) to a standard one obtained after processing data from redis db.

Wowza side tokens are not enough. A request to an external service required.

So, I need next data:

  • client action (stream publish or stream view),

  • client login and pass from rtmp auth.

At the moment, I am connecting with Wirecast, indicating the login and RTMP password.

In the “onConnect” handler I’m trying to get username and password (as it’s described here: https://www.wowza.com/docs/how-to-do-user-authentication-for-flash-rtmp-client-using-jdbc-connection-to-mysql-database).

        getParamString(params, PARAM1); # username expected, but returns NULL;
        getParamString(params, PARAM2); # password expected, but returns NULL;

Both lines return null. Why?

I do right, am I?

My AMFDataList params value:

AMFDataList:
[0] connect
[1] 1.0
[2] object
{Obj[]: app: "live", tcUrl: "rtmp://localhost/live", type: "nonprivate", flashVer: "Wirecast/FM 1.0 (compatible; FMSc/1.0)", swfUrl: "rtmp://localhost/live", videoCodecs: 128.0}