Difference between revisions of "Streaming Client Server Authentication"
Line 27: | Line 27: | ||
== Authentication to a Shoutcast/HTTP server == | == Authentication to a Shoutcast/HTTP server == | ||
# Using a username/password in the URL, e.g. ''http://john: | # Using a username/password in the URL, e.g. ''http://john:MySecretPassword@my.server.com/radio123.m3u'' | ||
# By putting the MAC address (IP address or DHCP name) directly to the URL, e.g. ''http://my.server.com/stream.cgi?mac=$MAC$'' | # By putting the MAC address (IP address or DHCP name) directly to the URL, e.g. ''http://my.server.com/stream.cgi?mac=$MAC$'' | ||
# By parsing the special parameter "Pragma: MAC" on the server to uniquely identify the client. | # By parsing the special parameter "Pragma: MAC" on the server to uniquely identify the client. | ||
== Authentication to a BRTP server == | == Authentication to a BRTP server == |
Revision as of 13:59, 22 May 2009
Why authentication
Sometimes it is useful to authenticate a Streaming Client unit to the streaming server, e.g. for dynamically generated playlists or streams. This is especially needed in large installations with hundreds or thousands of devices.
There are two main reasons for authentication:
- identification - to identify the end point and deliver the proper content
- security - no one else is allowed to receive the stream
The Streaming Client does not implement high-level security but rather "reasonable precautions to prevent unwanted user to listen to the music".
Available methods
Streaming Client offers several methods of identification/authentication of the device:
- using the unique MAC address
- in some cases a username/password can be used
- using the IP address
- using the configured DHCP name
MAC address, IP address and DHCP name can be included anywhere in any URL using the variables $MAC$, $IP$ and $NAME$ respectively.
Device's MAC address is provided in every outgoing HTTP request header as a special parameter: Pragma: MAC=00:08:E1:xx:yy:zz
Proxy authentication
- Streaming Client can authenticate to the proxy using a username/password pair. Only the HTTP BASIC authentication is supported.
- If supported by the Proxy the special parameter "Pragma: MAC" can be used for unique identification as well.
Authentication to a Shoutcast/HTTP server
- Using a username/password in the URL, e.g. http://john:MySecretPassword@my.server.com/radio123.m3u
- By putting the MAC address (IP address or DHCP name) directly to the URL, e.g. http://my.server.com/stream.cgi?mac=$MAC$
- By parsing the special parameter "Pragma: MAC" on the server to uniquely identify the client.
Authentication to a BRTP server
The unit's MAC address is sent in every BRTP request.
Authentication in RTP
As RTP is actively sent by the server there is no method of end-point identification.