In Wowza Streaming Engine™ media server software, use AuthenticateUsernamePasswordProviderBase with the ModuleCoreSecurity module to intercept requests for username/password so that you can use a database instead of a password file to authenticate encoders.
- Open [install-dir]/conf/[application]/Application.xml in a text editor and add the following <Module> definition as the last entry in the <Modules> list:
<Module> <Name>ModuleCoreSecurity</Name> <Description>Core Security Module for Applications</Description> <Class>com.wowza.wms.security.ModuleCoreSecurity</Class> </Module>
- Download the JDBC driver for MySQL, and then copy the appropriate MySQL JDBC .jar file to the Wowza Streaming Engine /lib folder.
- Use the Wowza IDE to build the following code:
package com.wowza.wms.example.authenticate; import com.wowza.wms.authentication.*; import com.wowza.wms.logging.WMSLoggerFactory; import java.sql.*; public class AuthenticateUsernamePasswordProviderExample extends AuthenticateUsernamePasswordProviderBase { public String getPassword(String username) { // return password for given username String pwd = null; WMSLoggerFactory.getLogger(null).info("Authenticate getPassword username: " + username); Connection conn = null; try { conn = DriverManager.getConnection("jdbc:mysql://localhost/wowza?user=root&password=mypassword"); Statement stmt = null; ResultSet rs = null; try { stmt = conn.createStatement(); rs = stmt.executeQuery("SELECT pwd FROM users where username = '"+username+"'"); while (rs.next()) { pwd = rs.getString("pwd"); } } catch (SQLException sqlEx) { WMSLoggerFactory.getLogger(null).error("sqlexecuteException: " + sqlEx.toString()); } finally { if (rs != null) { try { rs.close(); } catch (SQLException sqlEx) { rs = null; } } if (stmt != null) { try { stmt.close(); } catch (SQLException sqlEx) { stmt = null; } } } conn.close(); } catch (SQLException ex) { // handle any errors System.out.println("SQLException: " + ex.getMessage()); System.out.println("SQLState: " + ex.getSQLState()); System.out.println("VendorError: " + ex.getErrorCode()); } return pwd; } public boolean userExists(String username) { // return true is user exists return false; } } - To intercept RTMP authentication, add the following property to the <Properties> container at the bottom of [install-dir]/conf/[application]/Application.xml (be sure to add the property to the correct <Properties> container; there are several in Application.xml).
<Property> <Name>securityPublishUsernamePasswordProviderClass</Name> <Value>com.wowza.wms.example.authenticate.AuthenticateUsernamePasswordProviderExample</Value> </Property>
- To intercept RTP authentication, add the securityPublishUsernamePasswordProviderClass property to [install-dir]/conf/Authentication.xml /Digest Properties list (or to the /Basic Properties list if you're using basic authentication):
<Method>
<Name>digest</Name>
<Description>Digest Authentication</Description>
<Class>com.wowza.wms.authentication.AuthenticateDigest</Class>
<Properties>
<Property>
<Name>passwordFile</Name
<Value>${com.wowza.wms.context.VHostConfigHome}/conf/publish.password</Value>
</Property>
<Property>
<Name>realm</Name>
<Value>Streaming Server</Value>
</Property>
<Property>
<Name>securityPublishUsernamePasswordProviderClass</Name>
<Value>com.wowza.wms.example.authenticate.AuthenticateUsernamePasswordProviderExample</Value>
</Property>
</Properties>
</Method>
- Restart Wowza Streaming Engine.
