Thanks all for the suggestions.
Looks like there is no built-in authentication feature in Red5.
Authentication and permissions has to be developed at the application level.
I will do my own research and will contribute back to the list, if I find/develop something useful.
Alex
On 9/28/06, Michael Klishin <[EMAIL PROTECTED]> wrote:
On Thursday 28 September 2006 17:37, Dan Rossi wrote:
> Thats what i was thinking, i built a video feeds system which first
> sends key information to a soap service collects a temporary session,
> then returns back to our system with the session for secondary
> authentication. what is the performance issues for a client to first
> obtain a session/key by sending some details over secure link to an AMF
> application, obtain a key return back then authenticate the temporary
> session into the red5 application ?
Flex 2 has a library for Zip handling and it works pretty well with small
files. Key handling should be much more faster ;)
>
> Hey mike, i use flex aswell, there is no documentation for what you
> meantion, what did you mean, where could i find info ?
>
> The other problemo about storing information in the client to obtain the
> key with is that its easily decompiled and readable.
If you obtain a key via HTTPS at runtime and then just use it (send it back to
server via HTTPS), it's less of a problem. I know people who use this
apporoach to create online games where people bet real money.
I'm not a security genius so I know the very basics of how they do it.
--
novemberain.com | flexwiki.novemberain.com | rubyonrails.ru | osflash.org/red5
_______________________________________________
Red5 mailing list
[email protected]
http://osflash.org/mailman/listinfo/red5_osflash.org
_______________________________________________ Red5 mailing list [email protected] http://osflash.org/mailman/listinfo/red5_osflash.org
