I also forgot about ip blacklist restrictions, which is prob something already available on the servlet end. Ie like allow,deny in apache. I just added a block of publishing on our vod only app, and on our live app, ive added a block to certain publish names.
Interalab wrote: > IMHO, security is becoming an important issue. Up to now, we haven't > spent any time applying security or hiding shared objects or connection > strings, etc. But, we just had to shut down our test server between > tests because we found that someone had spent the time to look at our > test apps and started connecting to our server. It didn't look > malicious, just a connection and playing with the SO, but it's > disturbing just the same. > > Bill > > Dan Rossi wrote: > >> There is already things like playback, publish and sharedobject >> security. But i know what you mean, and authentication / authorisation >> framework, those security features could be used to roll your own, but >> there does need to be some kind of bean you can just enable in your xml >> config which sets up an authentication plugin for you utilising also the >> security methods. And you can customise the plugin yourself. It should >> be enabled with either an embedded db system like hibernate or jdbc etc. >> I hear now though that rtmps isnt so easy to setup or not working yet in >> red5 ? That would need to be enabled i guess to send secret keys or a >> login form to authenticate against. The problem ive yet to work out is >> if secret key loaded into the client via dynamic scripting is sniffable >> at runtime. Obviouslly it cant be stored in the swf. >> >> nomIad wrote: >> >> >>> Hey guys, >>> >>> I think thats really funny. Ive done such an app too, 1 year ago. >>> I used FMS, but was on the way to use Red5. >>> >>> Some of us are doing pretty much the same thing, but there is no >>> FRAMEWORK related to that stuff?! >>> >>> Were all writing the cores of that without any standard way for >>> authentication, authorisation, etc. >>> I think its time for a Flash Framework and Red5 kit for those sort of >>> apps... >>> >>> cu nomiad >>> >>> Storm schrieb: >>> >>> >>> >>>> Hi JOachim,congrats! that's pretty simmilar to my own app hehe, only >>>> that my "live audio and video communication" is not a "all see all" >>>> videoconf, it works more like a classroom where the teacher sees >>>> everyone but the pupils only (should) look at the teacher. We also >>>> figured out a way to share presentations. But then again, congrats on >>>> that!. >>>> The only point i'm missing is the screen sharing (and remote control), >>>> we've tried a few ideas to achieve that but they all were improductive >>>> or too bandwidth greedy. Are you using only flash on client side for >>>> that? (that was one of my requirements). Hope you can throw some light >>>> on this, it would be much appreciated. >>>> >>>> >>>> >>> _______________________________________________ >>> Red5 mailing list >>> [email protected] >>> http://osflash.org/mailman/listinfo/red5_osflash.org >>> >>> >>> >>> >> _______________________________________________ >> Red5 mailing list >> [email protected] >> http://osflash.org/mailman/listinfo/red5_osflash.org >> >> > > _______________________________________________ > Red5 mailing list > [email protected] > http://osflash.org/mailman/listinfo/red5_osflash.org > > _______________________________________________ Red5 mailing list [email protected] http://osflash.org/mailman/listinfo/red5_osflash.org
