Streaming Client Server Authentication

Why authentication

Sometimes it is useful to authenticate a Streaming Client unit to the streaming server, e.g. for dynamically generated playlists or streams. This is especially needed in large installations with hundreds or thousands of devices.

There are two main reasons for authentication:

  1. identification - to identify the end point and deliver the proper content
  2. security - no one else is allowed to receive the stream

The Streaming Client does not implement high-level security but rather "reasonable precautions to prevent unwanted user to listen to the music".

Available methods

Streaming Client offers several methods of identification/authentication of the device:

  • using the unique MAC address
  • in some cases a username/password can be used
  • using the IP address
  • using the configured DHCP name

MAC address, IP address and DHCP name can be included anywhere in any URL using the variables $MAC$, $IP$ and $NAME$ respectively.

Device's MAC address is provided in every outgoing HTTP request header as a special parameter: Pragma: MAC=00:08:E1:xx:yy:zz

Proxy authentication

  1. Streaming Client can authenticate to the proxy using a username/password pair. Only the HTTP BASIC authentication is supported.
  2. If supported by the Proxy the special parameter "Pragma: MAC" can be used for unique identification as well.

Authentication to a Shoutcast/HTTP server

  1. Using a username/password in the URL, e.g. http://john:MySecretPassword@my.server.com/radio123.m3u
  2. By putting the MAC address (IP address or DHCP name) directly to the URL, e.g. http://my.server.com/stream.cgi?mac=$MAC$
  3. By parsing the special parameter "Pragma: MAC" on the server to uniquely identify the client.

Authentication to a BRTP server

The unit's MAC address is sent in every BRTP request.

Authentication in RTP

As RTP is actively sent by the server there is no method of end-point identification.