[
https://issues.apache.org/jira/browse/OPENMEETINGS-53?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
SebastianWagner updated OPENMEETINGS-53:
----------------------------------------
Description:
The idea would be for example that the SWF10 create a random Hash
($swf10_auth_hash) using MD5 (client site) and adds it as URL param to the SWF8
application.
The SWF8 app uses that Hash ($swf10_auth_hash) and pushes it to Red5. Red5 only
accepts broadcasts from Remote Connection where the param ($swf10_auth_hash) is
set correctly / allowed to publish.
The SWF8 app only accepts messages via the LocalConnection that have the
correct Hash ($swf10_auth_hash) as param included.
The SWF10 then only accepts messages via the LocalConnection that have the
correct Hash ($swf10_auth_hash) as param included.
That way the user can open OpenMeetings multiple time on the same Computer
again as it has been in OpenMeetings in the past.
was:
The idea would be for example that the SWF10 create a random Hash
($swf10_auth_hash) using MD5 (client site) and adds it as URL param to the SWF8
application.
The SWF8 app uses that Hash ($swf10_auth_hash) and pushes it to Red5. Red5 only
accepts broadcasts from Remote Connection where the param ($swf10_auth_hash) is
set correctly / allowed to publish.
The SWF8 app only accepts messages via the LocalConnection where to send the
events to via the LocalConnection.
The SWF10 then only accepts messages via the LocalConnection that have the
correct Hash ($swf10_auth_hash) as param included.
That way the user can open OpenMeetings multiple time on the same Computer
again as it has been in OpenMeetings in the past.
> Add security mechanism to LocalConnection subscribers
> -----------------------------------------------------
>
> Key: OPENMEETINGS-53
> URL: https://issues.apache.org/jira/browse/OPENMEETINGS-53
> Project: Openmeetings
> Issue Type: Sub-task
> Components: Audio/Video
> Affects Versions: 2.0 Apache Incubator Release
> Reporter: SebastianWagner
> Original Estimate: 72h
> Remaining Estimate: 72h
>
> The idea would be for example that the SWF10 create a random Hash
> ($swf10_auth_hash) using MD5 (client site) and adds it as URL param to the
> SWF8 application.
> The SWF8 app uses that Hash ($swf10_auth_hash) and pushes it to Red5. Red5
> only accepts broadcasts from Remote Connection where the param
> ($swf10_auth_hash) is set correctly / allowed to publish.
> The SWF8 app only accepts messages via the LocalConnection that have the
> correct Hash ($swf10_auth_hash) as param included.
> The SWF10 then only accepts messages via the LocalConnection that have the
> correct Hash ($swf10_auth_hash) as param included.
> That way the user can open OpenMeetings multiple time on the same Computer
> again as it has been in OpenMeetings in the past.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
