Installation guide

Authorization adaptor plug-in

New feature in Flash Media Interactive Server; requires Flash Player 6 or later.

enextlineofdefenseistheauthorizationadaptor.Aserverplug-inwritteninC++,the

authorizationadaptorauthorizesclientaccesstoserverevents.Oncetheconnectionhasbeen

established, but before it is accepted, the authorization adaptor comes into play.

Authorization adaptors can:

• Authorizeconnectionstotheserver

• Authorizeplayingastreamorseekinginastream

• Authorizepublishingastream

• Disconnectclientsfromtheserver

• Callamethodinserver-sideActionScript

• Delivercontenttoclientsaccordingtotheirgeographiclocation,subscriptionlevel,and

stream origin

• Limittimeanddurationofauser’saccesstospecicstreams

• Mapalogicalstreampathtoaphysicalstreampath.Forexample,aclientrequeststhestream

“foo.v,”butsinceheisnotapremiummemberoftheservice,heshouldonlyreceivethe

low-qualityversionofthatcontent,soheisactuallyserved“bar.v.”

Unlike the access adaptor, you can use multiple authorization adaptors to sequentially perform

actions on the incoming event. For example, auth1.dll (orauth1.so)couldauthorizethe

client connection; auth2.dll(orauth2.so)couldthenauthorizethatclienttopublisha

stream, and so on. e server applies the adaptors in alphabetical order.

As you can see, authorization adaptors can be very powerful for stream security and access

control at a granular level. ey can be congured to implement custom functionality ranging

from rights management to logging.

Dynamic access control

When clients access the server, they have full access to all streams and shared objects by default.

Access control is possible, however, using server-side ActionScript. You can create a dynamic

accesscontrollist(ACL)whichcontrolswhohasaccesstoread,create,orupdatesharedobjects

or streams.

Inserver-sideActionScript,eachclientthatconnectsisassignedtoaClientobject.EachClient

object has readAccess and writeAccess properties. ese properties can accept multiple

comma-delimited values. By setting these values when you accept the client connection, you can

control which streams and shared objects any given client can access.

Stream encryption

FlashMediaServer3oerstwooptionsforencryptingyourstreams:SSLandRTMPE.

SSL

Feature available in Flash Media Streaming Server and Flash Media Interactive Server; requires

Flash Player 8 or later.

InearlierversionsofFlashMediaServer,encryptedstreamingwasavailableusingSSLdelivery,

throughRTMPS.isformofencryptionisstillsupportedinFlashMediaServer3.Implemen-

tation requires the use of a third-party certicate with some server-side conguration. Flash

Media Server 3 now oers an easier, optimized way to implement an encryption solution, using

encryptedRTMP(RTMPE).