Wowza Community

Secure Token on Origin & Edge Servers

Hello Wowza, I am planning to implement secure token on both edge (CDN) and origin, how can i do that? :smiley: , i have my JWPLAYER token ready my problem is when i tried to put a token on Wowza, my players says cannot connect to the server :frowning: hope you guys can help me with this :slight_smile:

Thanks,

Hi,

Please take a look at the “How to add SecureToken protection to JW Player” forum article. You can also find instructions how to configure your Wowza server as well. Here is the direct link.

Zoran

Also take a look at the How to Secure the Origin in this guide

But note that you need control of the edge server to implement SecureToken between an edge and origin, and between client and edge.

Richard

You could disable playback from the push application. Make the Application.xml /Client /Access /StreamReadAccess empty (take out the “*”)

<StreamReadAccess></StreamReadAccess>

And set /RTP /Authentication /PlayMethod “none”

<PlayMethod>none</PlayMethod>

And make LiveStreamPacketizers empty

<LiveStreamPacketizers></LiveStreamPacketizers>

This will disable all playback, but push will still work.

Adaptive bitrate is covered in the Push Guide. You will set the adaptiveStreaming:true flag the push rules in the PushPublishMap.txt file

myStream_480p={profile:"rtmp", streamName:"myStream_480p", userName:"myUser", password:"myPassword", adaptiveStreaming:true}
myStream_360p={profile:"rtmp", streamName:"myStream_360p", userName:"myUser", password:"myPassword", adaptiveStreaming:true}
myStream_720p={profile:"rtmp", streamName:"myStream_720p", userName:"myUser", password:"myPassword", adaptiveStreaming:true}

Richard

Hi,

Yes, I recommend using the same version of Wowza on the origin and edges if possible.

Do you see anything in the logs which would indicate an issue?

If you’re still unable to get this working, please open a ticket by sending an email to support@wowza.com.

Please include a detailed description of the setup and issue, a zipped copy of the following directories and a link to this thread for reference.

[Wowza-Install]/conf/

[Wowza-Install]/logs/

[Wowza-Install]/transcoder/

[Wowza-Install]/manager/logs/

Please do make sure you provide logs which show Wowza server starting.

If you are not sure how to get this information please see the following tutorial.

How to create a compressed zip file in Windows, OS X, and Linux

Regards,

Jason

And set /RTP /Authentication /PlayMethod “none”

<PlayMethod>none</PlayMethod>

Correction*

To stop RTP/RTSP playback set /RTP /Authentication /PlayMethod “block”

<PlayMethod>block</PlayMethod>

Regards,

Jason

Hello thanks for your reply guys :), I have no complete control on CDN but they have the settings there where i can put the secure token , I put secure token on both origin and edge server using same token but still not working,btw, is it important to match the version of origin and edge server? :slight_smile: right now i dont know whats the version of the cdn but were using “Wowza Streaming Engine 4 Monthly Edition 4.0.4 build11775” on our origin server :slight_smile:

Thanks,

BTW, they used Wowza version 3.6.3 for Edge CDN and 4.0.4 on origin :slight_smile:

Hello we figured that the problem is on CDN, here is what they said:

“To achieve that, our CDN streaming servers need to authenticate the secure token at the origin wowza. However, with our current CDN implementation (source/origin needs to be public accessible), our CDN streaming servers would not able to restream from your wowza origin if secure token is enabled.”

so i have to find another way to secure (avoid playback) the origin,

Im not sure if this is good alternative on securing the origin server : https://www.wowza.com/docs/how-to-push-streams-to-cdns-and-other-services-push-publishing .

Its clear to me on how to do this but my problem is how to do it with dynamic stream id, on PushPublishMap.txt the example gives this config:

myStream={profile:“rtmp”, streamName:“myStream”, host:“www.mydestination.com”}

what i want to achieve is something like this:

[any dynamic strean name]={profile:“rtmp”, streamName:"[any dynamic strean name]", host:“www.mydestination.com”}

is that posible?

Thanks,