Wowza Community

SecureToken for JWPlayer 6.0

Hi,

I have read that in the new versions of JWPlayer that you cannot compile the SecureToken into the flash player, you have to set the token as a javascript variable in the HTML page. This seems like a major security risk, has anyone solved this or any suggestions how to make this more secure?

Hi there,

Yes, as I know you can compile the Secure Token with JW Player open source version, but for licensed version you cannot do it, and LongTail company (JW Player) didn’t provide coding/compiling with the licensed version.

But I have found a way to put Secure Token with this licensed JW Player version, you need to put this code with JW Player code on your web page:

rtmp: {

securetoken: “MySecretCode”

},

Hope this help.

Best Regards,

as far as i know you still can/have to compile it in jwplayer 6

https://www.wowza.com/docs/how-to-add-securetoken-protection-to-jw-player

otherwise it is best to ask on the jwplayer forum. Wowza can secure the stream, but isn’t the developer of jwplayer :wink:

You can compile secure token with JW Player opensource version. I have did that before. The problem is that , they wont provide premium version source code so we have to obfuscate the code in some external js file.

Hi there,

Yes, as I know you can compile the Secure Token with JW Player open source version, but for licensed version you cannot do it, and LongTail company (JW Player) didn’t provide coding/compiling with the licensed version.

But I have found a way to put Secure Token with this licensed JW Player version, you need to put this code with JW Player code on your web page:

Hope this help.

Best Regards,

It is a very weak practice since anybody who views the source code can identify the secure token.