<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style>
<!--
@font-face
{font-family:Helvetica}
@font-face
{font-family:Helvetica}
@font-face
{font-family:Calibri}
@font-face
{font-family:Tahoma}
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif"}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline}
span.apple-tab-span
{}
span.apple-style-span
{}
span.EmailStyle19
{font-family:"Calibri","sans-serif";
color:#1F497D}
.MsoChpDefault
{font-size:10.0pt}
@page WordSection1
{margin:1.0in 1.0in 1.0in 1.0in}
div.WordSection1
{}
-->
</style>
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D">Hi Ross,</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D">We happen to have the same requirement. And I tried your recommendation of subclassing “RTSPServer”.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D">In our case, each stream will have different set of username-passwd combination. In other words, username/passwd combination of “Stream-1” should not be allowed
to access “Stream-2”, and so on. In our case, username could be same across streams, as they are derived from the cameras whose streams are being proxy-ed.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D">But it appears we must create an “authDB”, and add all username-passwd combinations of all streams first, while creating the RTSPServer. Only then, it seems
to invoke the re-implemented virtual function ‘specialClientUserAccessCheck’. Since we do not get the ‘passwd’ component of the ‘username’ in ‘specialClientUserAccessCheck’, how do we restrict an user of “Stream-1” from incorrectly accessing “Stream-2”, when
the username being same for both streams?</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D">Will it be possible to include password as well for ‘specialClientUserAccessCheck’?</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D">Regards,</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D">Subhankar.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid #B5C4DF 1.0pt; padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif""> live-devel-bounces@ns.live555.com [mailto:live-devel-bounces@ns.live555.com]
<b>On Behalf Of </b>Ross Finlayson<br>
<b>Sent:</b> Thursday, August 15, 2013 1:14 PM<br>
<b>To:</b> LIVE555 Streaming Media - development & use<br>
<b>Subject:</b> Re: [Live-devel] authorizing users</span></p>
</div>
</div>
<p class="MsoNormal"> </p>
<div>
<blockquote style="margin-top:5.0pt; margin-bottom:5.0pt">
<div>
<div>
<div>
<p class="MsoNormal">is it possible to change UserAuthenticationDatabase class so that it can be used to limit user access to specific streams?</p>
</div>
</div>
</div>
</blockquote>
<div>
<p class="MsoNormal"> </p>
</div>
<p class="MsoNormal">Yes, you can do this; however, you don't need to make any changes to the "UserAuthenticationDatabase" code. Instead, the way you would do this would be to subclass "RTSPServer", and reimplement the virtual function</p>
</div>
<div>
<p class="MsoNormal"><span class="apple-tab-span"> </span>virtual Boolean specialClientUserAccessCheck(int clientSocket, struct sockaddr_in& clientAddr, char const* urlSuffix, char const *username);</p>
</div>
<div>
<p class="MsoNormal">(see "liveMedia/include/RTSPServer.hh")</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">You would use a (regular, unmodified) "UserAuthenticationDatabase" to first reject users who don't have *any* access to the server. Then, your reimplemented "specialClientUserAccessCheck()" function would reject users who aren't allowed
to access the specific stream (named by "urlSuffix") that's being named.</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal"><span class="apple-style-span"><span style="font-size:13.5pt; font-family:"Helvetica","sans-serif"; color:black">Ross Finlayson</span></span><span style="font-size:13.5pt; font-family:"Helvetica","sans-serif"; color:black"><br>
<span class="apple-style-span">Live Networks, Inc.</span><br>
<span class="apple-style-span"><a href="http://www.live555.com/">http://www.live555.com/</a></span></span>
</p>
</div>
<p class="MsoNormal"> </p>
</div>
<br>
<hr>
<font face="Arial" color="Gray" size="1"><br>
http://www.mindtree.com/email/disclaimer.html<br>
</font>
</body>
</html>