Wowza Community

custom rtsp authentication module

Hello,

To our knowledge, Wowza supports ‘http digest’ when rtsp session established.

But you know, MD5 hash alg. is broken security function.

So, we want to customize rtsp authentication to use sha-2 in wowza.

Is it possible in inbound??

If it’s not possible, can we add our authentication module and use it before rtsp session established?

Please, help us to resolve this problem! Thank you!

You can “create” your own authentication module if you extend the EventEngine.

Wowza Docs: https://www.wowza.com/docs/wowza-streaming-engine-java-api

Like so:

public class EventEngine extends ModuleBase {
...
	public void onRTPSessionCreate(RTPSession rtpSession) {
		
		boolean allowStream = <YOUR-CUSTOM-JAVA>.checkAccessForUri(rtpSession.getIp(), rtpSession.getUri(), rtpSession.getQueryStr());
		
		if (!allowStream) {
			rtpSession.rejectSession();
		}
	}
...
}