I'm not a Java developer but I have created VERY simple authentication for my oflaDemo webapp. I got the idea from reading the 'Programming Flash Communication Server' book (published by O'reilly), chaper 18 'Securing Applications'. 1.. Flash movie passes username and password to web server(via SSL using AMFPHP) 2.. Web server/application server returns a one-time ticket(through two hashed strings, tid and ticket) to the flash movie 3.. Flash movie connects to Red5 using the tid and ticket(instead of username and password...) 4.. Red5 checks the tid and ticket against a MySQL db and accepts or rejects the connection In step one I also create a timestamp representing the creation time, and a 'stale' datetime a couple minutes after the creation time. So my simple 'tickets' table has five columns: tid, ticket, uid(linking the ticket to a user table), created(timestamp) and staleDateTime. The ticket is only valid if it is used between the creation time and stale time.
You'll need to install the MySQL JDBC driver and add it's jar to your classpath. Here's my oflaDemo Application.java, but please remember this is temporary authentication... and VERY simple!!! Hope this helps someone :-) code follows... package org.red5.server.webapp.oflaDemo; import org.red5.server.adapter.ApplicationAdapter; import org.red5.server.api.IConnection; import org.red5.server.api.IScope; import org.red5.server.api.stream.IServerStream; import org.red5.server.api.stream.IStreamCapableConnection; import org.red5.server.api.stream.support.SimpleBandwidthConfigure; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; //import sql classes import java.sql.*; public class Application extends ApplicationAdapter { //logging private static final Log log = LogFactory.getLog(Application.class); private IScope appScope; private IServerStream serverStream; /** [EMAIL PROTECTED] */ @Override public boolean appStart(IScope app) { appScope = app; return true; } /** [EMAIL PROTECTED] */ @Override public boolean appConnect(IConnection conn, Object[] params) { // Trigger calling of "onBWDone", required for some FLV players measureBandwidth(conn); if (conn instanceof IStreamCapableConnection) { IStreamCapableConnection streamConn = (IStreamCapableConnection) conn; SimpleBandwidthConfigure sbc = new SimpleBandwidthConfigure(); sbc.setMaxBurst(8 * 1024 * 1024); sbc.setBurst(8 * 1024 * 1024); sbc.setOverallBandwidth(2 * 1024 * 1024); streamConn.setBandwidthConfigure(sbc); } // if (appScope == conn.getScope()) { // serverStream = StreamUtils.createServerStream(appScope, "live0"); // SimplePlayItem item = new SimplePlayItem(); // item.setStart(0); // item.setLength(10000); // item.setName("on2_flash8_w_audio"); // serverStream.addItem(item); // item = new SimplePlayItem(); // item.setStart(20000); // item.setLength(10000); // item.setName("on2_flash8_w_audio"); // serverStream.addItem(item); // serverStream.start(); // try { // serverStream.saveAs("aaa", false); // serverStream.saveAs("bbb", false); // } catch (Exception e) {} // } //**START AUTHENTICATION CODE** //here we go... boolean authenticated = false; authenticated = authenticate(params); if(authenticated){ log.info("Come on in friend!"); return super.appConnect(conn, params); }else{ log.info("Yikes! A LEACH!!"); } rejectClient(); return false; } private boolean authenticate(Object[] params){ String authTicketID = (String)params[0]; String authTicket = (String)params[1]; //convert the third parameter from a string that represents a timestamp, to a java timestamp data type java.sql.Timestamp authTimestamp = java.sql.Timestamp.valueOf((String)params[2]); //the connection paremeters... log.info("authTicketID "+authTicketID); log.info("authTicket "+authTicket); log.info("authTimestamp "+authTimestamp); ResultSet rs = null; Connection conn = null; PreparedStatement pstmt = null; String dbTID = null; String dbTicket = null; java.sql.Timestamp dbCreated = null; java.sql.Timestamp dbStaleDateTime = null; try { //connect to the DB conn = getConnection(); //query string for prepared statement String query = "SELECT tid, ticket, created, staleDateTime FROM tickets WHERE tid = ? AND ticket = ?"; //prepared statement pstmt = conn.prepareStatement(query); // create a statement pstmt.setString(1, authTicketID); // set input parameters pstmt.setString(2, authTicket); //resultSet rs = pstmt.executeQuery(); //move the resultSet cursor forward and grab the data while(rs.next()){ dbTID = rs.getString(1); dbTicket = rs.getString(2); dbCreated = rs.getTimestamp(3); dbStaleDateTime = rs.getTimestamp(4); } log.info("Database tid="+dbTID); log.info("Database ticket="+dbTicket); log.info("Database created="+dbCreated); log.info("Database staleDateTime="+dbStaleDateTime); //verify that the ticket has not expired if((authTimestamp.equals(dbCreated) || authTimestamp.after(dbCreated)) && authTimestamp.before(dbStaleDateTime)){ //check that authTicketID equals ticketID and authTicket equals ticket if(authTicketID.equals(dbTID) && authTicket.equals(dbTicket)){ return true; }else{ log.info(authTicketID+" and "+authTicket+" do not match "+dbTID+" and "+dbTicket); return false; } }else{ log.info("Ticket has expired!"); return false; } } catch (Exception e) { e.printStackTrace(); return false; } finally { try { rs.close(); pstmt.close(); conn.close(); } catch (SQLException sqle) { sqle.printStackTrace(); return false; } } } public static Connection getConnection() throws Exception { String driver = "com.mysql.jdbc.Driver"; String url = "jdbc:mysql://127.0.0.1/Red5DB"; String username = "Red5DBUsername"; String password = "Red5DBPassword"; Class.forName(driver); Connection conn = DriverManager.getConnection(url, username, password); log.info("Authorize conn!"); return conn; } //**END AUTHENTICATION CODE** /** [EMAIL PROTECTED] */ @Override public void appDisconnect(IConnection conn) { if (appScope == conn.getScope() && serverStream != null) { serverStream.close(); } super.appDisconnect(conn); } }
_______________________________________________ Red5 mailing list Red5@osflash.org http://osflash.org/mailman/listinfo/red5_osflash.org