- Previous thread: [Red5devs] (no subject)
- Next thread: [Red5] Periodic job
- Threads sorted by date: osflash 200906
This is a multi-part message in MIME format.
------=_NextPart_000_0094_01C9ED9F.F0586E40
Content-Type: text/plain;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
I want to restrict access to publish a stream within global scope.
The registerStreamPublishSecurity method only work with application =
scope, but I'm still allowed to publish a stream into the global scope.
This is a very serious problem, since anyone can connect to my server =
(without knowing any applications name!) and misuse it.
I'm sure there must be a way to do this, but I just can't find it.
Please advice.
Best Regards.
Vittee Nakka
------=_NextPart_000_0094_01C9ED9F.F0586E40
Content-Type: text/html;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
I want to restrict access to =
publish a=20
stream within global scope.
The=20
registerStreamPublishSecurity method only work with application scope, =
but I'm=20
still allowed to publish a stream into the global=20
scope.
This is a very serious problem, since =
anyone can=20
connect to my server (without knowing any applications name!) and =
misuse=20
it.
I'm sure there must be a way to do =
this, but I=20
just can't find it.
Please advice.
Best Regards.
Vittee Nakka
------=_NextPart_000_0094_01C9ED9F.F0586E40--
------=_NextPart_000_0094_01C9ED9F.F0586E40
Content-Type: text/plain;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
I want to restrict access to publish a stream within global scope.
The registerStreamPublishSecurity method only work with application =
scope, but I'm still allowed to publish a stream into the global scope.
This is a very serious problem, since anyone can connect to my server =
(without knowing any applications name!) and misuse it.
I'm sure there must be a way to do this, but I just can't find it.
Please advice.
Best Regards.
Vittee Nakka
------=_NextPart_000_0094_01C9ED9F.F0586E40
Content-Type: text/html;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
I want to restrict access to =
publish a=20
stream within global scope.
The=20
registerStreamPublishSecurity method only work with application scope, =
but I'm=20
still allowed to publish a stream into the global=20
scope.
This is a very serious problem, since =
anyone can=20
connect to my server (without knowing any applications name!) and =
misuse=20
it.
I'm sure there must be a way to do =
this, but I=20
just can't find it.
Please advice.
Best Regards.
Vittee Nakka
------=_NextPart_000_0094_01C9ED9F.F0586E40--
This is a multi-part message in MIME format.
------=_NextPart_000_0022_01C9ED32.FA7D4070
Content-Type: text/plain;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
Looks like you found a bug.
at=20
package org.red5.server.net.rtmp;
Class RTMPHandler...
After line 250, add the following...
if(scope.getDepth()=3D=3D 0x00)
{
throw new ScopeNotFoundException(scope,"Root connection not allowed");
}
----- Original Message -----=20
From: Vittee=20
To: red5@osflash.org=20
Sent: Sunday, June 14, 2009 7:59 PM
Subject: [Red5] Stream Publish Security
I want to restrict access to publish a stream within global scope.
The registerStreamPublishSecurity method only work with application =
scope, but I'm still allowed to publish a stream into the global scope.
This is a very serious problem, since anyone can connect to my server =
(without knowing any applications name!) and misuse it.
I'm sure there must be a way to do this, but I just can't find it.
Please advice.
Best Regards.
Vittee Nakka
-------------------------------------------------------------------------=
-----
_______________________________________________
Red5 mailing list
Red5@osflash.org
http://osflash.org/mailman/listinfo/red5_osflash.org
------=_NextPart_000_0022_01C9ED32.FA7D4070
Content-Type: text/html;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
Looks like you found a =
bug.
at
package =
org.red5.server.net.rtmp;
Class RTMPHandler...
After line 250, add the following...
if(scope.getDepth()=3D=3D =
0x00)
{
throw new=20
ScopeNotFoundException(scope,"Root connection not =
allowed");
}
----- Original Message -----
From:=20
Vittee
To: red5@osflash.org
Sent: Sunday, June 14, 2009 =
7:59 PM
Subject: [Red5] Stream Publish=20
Security
I want to restrict access to =
publish a=20
stream within global scope.
The=20
registerStreamPublishSecurity method only work with application scope, =
but I'm=20
still allowed to publish a stream into the global=20
scope.
This is a very serious problem, =
since anyone can=20
connect to my server (without knowing any applications name!) and =
misuse=20
it.
I'm sure there must be a way to do =
this, but I=20
just can't find it.
Please advice.
Best Regards.
Vittee Nakka
_______________________________________________Red5 mailing =
=
listRed5@osflash.orghttp://osflash.org/mailman/listinfo/red5_osfl=
ash.org
------=_NextPart_000_0022_01C9ED32.FA7D4070--
------=_NextPart_000_0022_01C9ED32.FA7D4070
Content-Type: text/plain;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
Looks like you found a bug.
at=20
package org.red5.server.net.rtmp;
Class RTMPHandler...
After line 250, add the following...
if(scope.getDepth()=3D=3D 0x00)
{
throw new ScopeNotFoundException(scope,"Root connection not allowed");
}
----- Original Message -----=20
From: Vittee=20
To: red5@osflash.org=20
Sent: Sunday, June 14, 2009 7:59 PM
Subject: [Red5] Stream Publish Security
I want to restrict access to publish a stream within global scope.
The registerStreamPublishSecurity method only work with application =
scope, but I'm still allowed to publish a stream into the global scope.
This is a very serious problem, since anyone can connect to my server =
(without knowing any applications name!) and misuse it.
I'm sure there must be a way to do this, but I just can't find it.
Please advice.
Best Regards.
Vittee Nakka
-------------------------------------------------------------------------=
-----
_______________________________________________
Red5 mailing list
Red5@osflash.org
http://osflash.org/mailman/listinfo/red5_osflash.org
------=_NextPart_000_0022_01C9ED32.FA7D4070
Content-Type: text/html;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
Looks like you found a =
bug.
at
package =
org.red5.server.net.rtmp;
Class RTMPHandler...
After line 250, add the following...
if(scope.getDepth()=3D=3D =
0x00)
{
throw new=20
ScopeNotFoundException(scope,"Root connection not =
allowed");
}
----- Original Message -----
From:=20
Vittee
To: red5@osflash.org
Sent: Sunday, June 14, 2009 =
7:59 PM
Subject: [Red5] Stream Publish=20
Security
I want to restrict access to =
publish a=20
stream within global scope.
The=20
registerStreamPublishSecurity method only work with application scope, =
but I'm=20
still allowed to publish a stream into the global=20
scope.
This is a very serious problem, =
since anyone can=20
connect to my server (without knowing any applications name!) and =
misuse=20
it.
I'm sure there must be a way to do =
this, but I=20
just can't find it.
Please advice.
Best Regards.
Vittee Nakka
_______________________________________________Red5 mailing =
=
listRed5@osflash.orghttp://osflash.org/mailman/listinfo/red5_osfl=
ash.org
------=_NextPart_000_0022_01C9ED32.FA7D4070--
This is a multi-part message in MIME format.
------=_NextPart_000_00CB_01C9EDAC.97B7E920
Content-Type: text/plain;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
OK=20
I though that was normal, IIRC since I started playing publisher demo in =
Red5 v0.7 Windows build. It allowed me to connect to root/global scope.
11:23:14:187 - Connecting to rtmp://localhost/
11:23:14:296 - NetConnection.Connect.Success
11:28:27:796 - Publish - NetStream.Publish.Start
11:28:29:515 - Playback - NetStream.Play.Reset
11:28:29:515 - Playback - NetStream.Play.Start
11:28:31:671 - Playback - NetStream.Buffer.Full
If this is really a bug then it would be great to have it fixed in the =
SVN trunk.
From: Andy Shaules=20
Sent: Monday, June 15, 2009 10:59 AM
To: red5@osflash.org=20
Subject: Re: [Red5] Stream Publish Security
Looks like you found a bug.
at=20
package org.red5.server.net.rtmp;
Class RTMPHandler...
After line 250, add the following...
if(scope.getDepth()=3D=3D 0x00)
{
throw new ScopeNotFoundException(scope,"Root connection not allowed");
}
----- Original Message -----=20
From: Vittee=20
To: red5@osflash.org=20
Sent: Sunday, June 14, 2009 7:59 PM
Subject: [Red5] Stream Publish Security
I want to restrict access to publish a stream within global scope.
The registerStreamPublishSecurity method only work with application =
scope, but I'm still allowed to publish a stream into the global scope.
This is a very serious problem, since anyone can connect to my server =
(without knowing any applications name!) and misuse it.
I'm sure there must be a way to do this, but I just can't find it.
Please advice.
Best Regards.
Vittee Nakka
-------------------------------------------------------------------------=
-----
_______________________________________________
Red5 mailing list
Red5@osflash.org
http://osflash.org/mailman/listinfo/red5_osflash.org
-------------------------------------------------------------------------=
-------
_______________________________________________
Red5 mailing list
Red5@osflash.org
http://osflash.org/mailman/listinfo/red5_osflash.org
------=_NextPart_000_00CB_01C9EDAC.97B7E920
Content-Type: text/html;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
OK
I though that was normal, IIRC since I started =
playing=20
publisher demo in Red5 v0.7 Windows build. It allowed me to =
connect to=20
root/global scope.
11:23:14:187 - Connecting to=20
rtmp://localhost/11:23:14:296 -=20
NetConnection.Connect.Success11:28:27:796 - Publish -=20
NetStream.Publish.Start11:28:29:515 - Playback -=20
NetStream.Play.Reset11:28:29:515 - Playback -=20
NetStream.Play.Start11:28:31:671 - Playback -=20
NetStream.Buffer.Full
If this is really a bug then it would be great =
to have it=20
fixed in the SVN trunk.
From: Andy Shaules
Sent: Monday, June 15, 2009 10:59 AM
To: red5@osflash.org
Subject: Re: [Red5] Stream Publish =
Security
Looks like you found a =
bug.
at
package =
org.red5.server.net.rtmp;
Class RTMPHandler...
After line 250, add the following...
if(scope.getDepth()=3D=3D =
0x00)
{
throw new=20
ScopeNotFoundException(scope,"Root connection not =
allowed");
}
----- Original Message -----
From:=20
Vittee
To: red5@osflash.org
Sent: Sunday, June 14, 2009 =
7:59 PM
Subject: [Red5] Stream Publish=20
Security
I want to restrict access to =
publish a=20
stream within global scope.
The=20
registerStreamPublishSecurity method only work with application scope, =
but I'm=20
still allowed to publish a stream into the global=20
scope.
This is a very serious problem, =
since anyone can=20
connect to my server (without knowing any applications name!) and =
misuse=20
it.
I'm sure there must be a way to do =
this, but I=20
just can't find it.
Please advice.
Best Regards.
Vittee Nakka
_______________________________________________Red5 mailing =
=
listRed5@osflash.orghttp://osflash.org/mailman/listinfo/red5_osfl=
ash.org
_______________________________________________Red5 mailing=20
listRed5@osflash.orghttp://osflash.org/mailman/listinfo/red5_osfl=
ash.org
------=_NextPart_000_00CB_01C9EDAC.97B7E920--
------=_NextPart_000_00CB_01C9EDAC.97B7E920
Content-Type: text/plain;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
OK=20
I though that was normal, IIRC since I started playing publisher demo in =
Red5 v0.7 Windows build. It allowed me to connect to root/global scope.
11:23:14:187 - Connecting to rtmp://localhost/
11:23:14:296 - NetConnection.Connect.Success
11:28:27:796 - Publish - NetStream.Publish.Start
11:28:29:515 - Playback - NetStream.Play.Reset
11:28:29:515 - Playback - NetStream.Play.Start
11:28:31:671 - Playback - NetStream.Buffer.Full
If this is really a bug then it would be great to have it fixed in the =
SVN trunk.
From: Andy Shaules=20
Sent: Monday, June 15, 2009 10:59 AM
To: red5@osflash.org=20
Subject: Re: [Red5] Stream Publish Security
Looks like you found a bug.
at=20
package org.red5.server.net.rtmp;
Class RTMPHandler...
After line 250, add the following...
if(scope.getDepth()=3D=3D 0x00)
{
throw new ScopeNotFoundException(scope,"Root connection not allowed");
}
----- Original Message -----=20
From: Vittee=20
To: red5@osflash.org=20
Sent: Sunday, June 14, 2009 7:59 PM
Subject: [Red5] Stream Publish Security
I want to restrict access to publish a stream within global scope.
The registerStreamPublishSecurity method only work with application =
scope, but I'm still allowed to publish a stream into the global scope.
This is a very serious problem, since anyone can connect to my server =
(without knowing any applications name!) and misuse it.
I'm sure there must be a way to do this, but I just can't find it.
Please advice.
Best Regards.
Vittee Nakka
-------------------------------------------------------------------------=
-----
_______________________________________________
Red5 mailing list
Red5@osflash.org
http://osflash.org/mailman/listinfo/red5_osflash.org
-------------------------------------------------------------------------=
-------
_______________________________________________
Red5 mailing list
Red5@osflash.org
http://osflash.org/mailman/listinfo/red5_osflash.org
------=_NextPart_000_00CB_01C9EDAC.97B7E920
Content-Type: text/html;
charset="windows-874"
Content-Transfer-Encoding: quoted-printable
OK
I though that was normal, IIRC since I started =
playing=20
publisher demo in Red5 v0.7 Windows build. It allowed me to =
connect to=20
root/global scope.
11:23:14:187 - Connecting to=20
rtmp://localhost/11:23:14:296 -=20
NetConnection.Connect.Success11:28:27:796 - Publish -=20
NetStream.Publish.Start11:28:29:515 - Playback -=20
NetStream.Play.Reset11:28:29:515 - Playback -=20
NetStream.Play.Start11:28:31:671 - Playback -=20
NetStream.Buffer.Full
If this is really a bug then it would be great =
to have it=20
fixed in the SVN trunk.
From: Andy Shaules
Sent: Monday, June 15, 2009 10:59 AM
To: red5@osflash.org
Subject: Re: [Red5] Stream Publish =
Security
Looks like you found a =
bug.
at
package =
org.red5.server.net.rtmp;
Class RTMPHandler...
After line 250, add the following...
if(scope.getDepth()=3D=3D =
0x00)
{
throw new=20
ScopeNotFoundException(scope,"Root connection not =
allowed");
}
----- Original Message -----
From:=20
Vittee
To: red5@osflash.org
Sent: Sunday, June 14, 2009 =
7:59 PM
Subject: [Red5] Stream Publish=20
Security
I want to restrict access to =
publish a=20
stream within global scope.
The=20
registerStreamPublishSecurity method only work with application scope, =
but I'm=20
still allowed to publish a stream into the global=20
scope.
This is a very serious problem, =
since anyone can=20
connect to my server (without knowing any applications name!) and =
misuse=20
it.
I'm sure there must be a way to do =
this, but I=20
just can't find it.
Please advice.
Best Regards.
Vittee Nakka
_______________________________________________Red5 mailing =
=
listRed5@osflash.orghttp://osflash.org/mailman/listinfo/red5_osfl=
ash.org
_______________________________________________Red5 mailing=20
listRed5@osflash.orghttp://osflash.org/mailman/listinfo/red5_osfl=
ash.org
------=_NextPart_000_00CB_01C9EDAC.97B7E920--
Related Threads
- Hendrix - Overall productivity - firefox
- OpenSSL on IBMi - openssl
- Patch ARM - Fixup testsuite for gcc.target/neon-modes-1.c - gcc
- osol-discuss - So when are we gonna fork this sucker? - opensolaris
- P4 2.9 ghz 2 GIGS ram - ubuntu
- TestBot changes - wine
- Re: squid-users - forwarding hostname to 2nd lan interface. - squid
- setting ccache path - freebsd
- qooxdoo-devel - Object Controller converters to bind tree selection - javascript