DRM use to protect the content, can use many strategys:
SRS support config the refer to antisuck.
When play RTMP url, adobe flash player will send the page url in the connect params PageUrl, which is cannot changed by as code, server can check the web page url to ensure the user is ok.
While user use client application, the PageUrl can be any value, for example, use srs-librtmp to play RTMP url, the Refer antisuck is not work.
To config the refer antisuck in srs:
# the vhost for antisuck.
vhost refer.anti_suck.com {
# the common refer for play and publish.
# if the page url of client not in the refer, access denied.
# if not specified this field, allow all.
# default: not specified.
refer github.com github.io;
# refer for publish clients specified.
# the common refer is not overrided by this.
# if not specified this field, allow all.
# default: not specified.
refer_publish github.com github.io;
# refer for play clients specified.
# the common refer is not overrided by this.
# if not specified this field, allow all.
# default: not specified.
refer_play github.com github.io;
}
The token authentication similar to refer, but the token is put in the url, not in the args of connect:
rtmp://vhost/app?token=xxxx/stream
, SRS will pass the token
in the http-callback. read HTTP callback
Token is robust then refer, can specifies more params, for instance, the expire time.
For example:
on_connect http://127.0.0.1:8085/api/v1/clients;
,
read HTTP callback
The FMS token tranverse is when user connect to edge server, the edge server will send the client info which contains token to origin server to verify. It seems that the token from client tranverse from edge to origin server.
FMS edge and origin use private protocol, use a connection to fetch data, another to transport the control message, for example, the token tranverse is a special command, @see https://github.com/ossrs/srs/issues/104
Recomment the token authentication to use http protocol; the token tranverse must use RTMP protocol, so many RTMP servers do not support the token tranverse.
SRS supports token tranverse like FMS, but SRS always create a new connection to verify the client info on origin server.
THe config for token tranverse, see edge.token.traverse.conf
:
listen 1935;
vhost __defaultVhost__ {
mode remote;
origin 127.0.0.1:19350;
token_traverse on;
}
SRS does not support.
SRS does not support.
Winlin 2014.11
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。