-
Notifications
You must be signed in to change notification settings - Fork 37
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
186 additions
and
0 deletions.
There are no files selected for viewing
99 changes: 99 additions & 0 deletions
99
...ontent-blog/2023-08-29-Ensuring-Authentication-for-Live-Streaming-Publishing.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,99 @@ | ||
--- | ||
slug: ensuring-authentication-in-live-streaming-publishing | ||
title: Ensuring Authentication in Live Streaming Publishing | ||
authors: [] | ||
tags: [live streaming, security, authentication] | ||
custom_edit_url: null | ||
--- | ||
|
||
# Ensuring Authentication in Live Streaming Publishing | ||
|
||
## Introduction | ||
|
||
In today's digital age, live streaming has become increasingly popular, with platforms like YouTube and | ||
Twitch offering users the ability to broadcast their content in real-time. However, with this growing | ||
popularity comes the need for enhanced security and authentication measures to protect both streamers | ||
and viewers. In this comprehensive guide, we will delve into the importance of security and authentication | ||
in live streaming, discuss the SRS Stack solution for secure publishing, and provide a step-by-step guide | ||
on setting up the SRS Stack for your own live streaming service. | ||
|
||
## The Importance of Authentication in Live Streaming | ||
|
||
When publishing a live stream on platforms like YouTube or Twitch, users need to obtain a stream key | ||
and use broadcasting software like OBS to publish the live stream to the platform. Maintaining the | ||
confidentiality of your stream key is essential, as anyone who obtains it can stream on your behalf, | ||
potentially publishing prohibited content and resulting in your account being blocked by the platform. | ||
|
||
For those looking to build their own live streaming service, ensuring security and authentication | ||
becomes even more critical. This is where the SRS Stack comes in, offering a solution for secure | ||
publishing through the use of a publish secret. | ||
|
||
However, an overly complex security design can also lead to confusion and difficulty for users, | ||
making the streaming platform challenging to use. Therefore, it is crucial to implement a secure | ||
yet straightforward solution for authenticating live streaming publishing. | ||
|
||
## The SRS Stack Solution for Secure Publishing | ||
|
||
The SRS Stack is a powerful tool that helps users build their own live streaming service with enhanced | ||
security and authentication features. By utilizing a publish secret, the SRS Stack ensures that only | ||
authorized users can publish streams, preventing unauthorized access and protecting your content. | ||
|
||
To set up the SRS Stack for secure publishing, follow these steps: | ||
|
||
1. Create an SRS Stack with just one click. For detailed instructions, visit [How to Setup a Video Streaming Service by 1-Click](./2022-04-09-SRS-Stack-Tutorial.md) | ||
|
||
1. Upon creation, the SRS Stack will automatically generate a publish secret, such as `5181a08ee6eab86597e913e1f9e4c294`. You can set it from `System / Authentication / Update Stream Secret`. | ||
|
||
1. Copy the OBS settings from `Scenarios / Streaming`, including the Server and StreamKey. For example, the Server might be `rtmp://135.98.31.15/live/`, and the StreamKey could be `livestream?secret=5181a08ee6eab86597e913e1f9e4c294`. | ||
|
||
1. Open the HLS player to play the stream, such as `http://135.98.31.15/live/livestream.m3u8`. | ||
|
||
For example, you will get the following URLs: | ||
* Publish URL: `rtmp://135.98.31.15/live/livestream?secret=5181a08ee6eab86597e913e1f9e4c294` | ||
* Play URL: `http://135.98.31.15/live/livestream.m3u8` | ||
|
||
Note that the secret is not included in the play stream URL, preventing viewers from knowing the publish | ||
secret and ensuring they can only watch the stream, not publish it. | ||
|
||
## Supporting Multiple Streams | ||
|
||
The SRS Stack allows users to support multiple streams by simply changing the resource name (stream name) as | ||
needed. For example, change stream name from `livestream` to `movie`: | ||
- Publish URL: `rtmp://135.98.31.15/live/movie?secret=5181a08ee6eab86597e913e1f9e4c294` | ||
- Play URL: `http://135.98.31.15/live/movie.m3u8` | ||
|
||
Or you can change `livestream` to `sport`: | ||
- Publish URL: `rtmp://135.98.31.15/live/sport?secret=5181a08ee6eab86597e913e1f9e4c294` | ||
- Play URL: `http://135.98.31.15/live/sport.m3u8` | ||
|
||
You can use any name you prefer, for example, `the-10-years-anually-for-you`: | ||
- Publish URL: `rtmp://135.98.31.15/live/the-10-years-anually-for-you?secret=5181a08ee6eab86597e913e1f9e4c294` | ||
- Play URL: `http://135.98.31.15/live/the-10-years-anually-for-you.m3u8` | ||
|
||
The SRS Stack allows for an unlimited number of simultaneous streams, with the only constraint being your | ||
server's bandwidth capacity. Additionally, you have the freedom to choose any desired stream name. | ||
|
||
## Limitations of the SRS Stack | ||
|
||
Nevertheless, the SRS Stack has a few limitations. | ||
|
||
As of now, it only supports authentication for publishing streams using a global secret applicable to | ||
all streams. It does not provide individual secrets for each stream in an effort to maintain simplicity. | ||
|
||
Additionally, unlike YouTube and Twitch, the SRS Stack does not support changing stream names, which use | ||
different names for publishing and playing. This can be confusing and complex, as it requires an additional | ||
system to manage the mapping of filenames. | ||
|
||
Finally, the SRS Stack does not have authentication support for playing streams at the moment, making the | ||
stream view public and accessible to anyone. If you would like to limit the playback of the stream, please | ||
let us know. This feature is included in the milestone, but there is no specific timeline for its | ||
implementation. | ||
|
||
## Conclusion | ||
|
||
In summary, security and authentication are vital aspects of live streaming, and the SRS Stack provides a | ||
straightforward solution for those building their own streaming services. By following the steps outlined | ||
in this guide, you can ensure that your live streaming service remains secure and accessible only to | ||
authorized users. | ||
|
||
![](https://ossrs.net/gif/v1/sls.gif?site=ossrs.io&path=/lts/blog-en/2023-08-29-Ensuring-Authentication-for-Live-Streaming-Publishing.md) |
83 changes: 83 additions & 0 deletions
83
...ontent-blog/2023-08-29-Ensuring-Authentication-for-Live-Streaming-Publishing.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
--- | ||
slug: ensuring-authentication-in-live-streaming-publishing | ||
title: 如何实现直播推流鉴权和安全 | ||
authors: [] | ||
tags: [live streaming, security, authentication] | ||
custom_edit_url: null | ||
--- | ||
|
||
# Ensuring Authentication in Live Streaming Publishing | ||
|
||
## Introduction | ||
|
||
在当今的数字时代,直播变得越来越受欢迎,像视频号和抖音这样的平台为用户提供了实时直播内容的能力。然而,随着这种越来越受 | ||
欢迎的需求,加强安全性和认证措施以保护播放者和观众变得尤为重要。在这篇全面的指南中,我们将深入探讨直播中安全性和认证的重要性, | ||
讨论SRS Stack解决方案以实现安全发布,并提供一步一步的指南来为您自己的直播服务设置SRS Stack。 | ||
|
||
## The Importance of Authentication in Live Streaming | ||
|
||
在视频号和抖音等平台上发布直播时,用户需要获取一个流密钥,并使用像OBS将流推送到直播平台。保持流密钥的私密性至关重要, | ||
因为任何有权访问它的人都可以代表您发布流,触发违规行为。 | ||
|
||
对于那些希望建立自己的直播服务的人来说,确保安全性和认证变得更加关键。这就是SRS Stack的作用所在,通过使用Publish Secret | ||
来提供安全发布的解决方案。 | ||
|
||
然而,过于复杂的安全设计也可能导致用户感到困惑和困难,使得流媒体平台难以使用。因此,实施一种安全且简单的解决方案对于 | ||
实时流媒体发布至关重要。 | ||
|
||
## The SRS Stack Solution for Secure Publishing | ||
|
||
SRS Stack是一个强大的工具,帮助用户建立自己的直播服务,并增强安全性和认证功能。通过使用Publish Secret,SRS Stack | ||
确保只有授权用户才能发布流,防止未经授权的访问并保护您的内容。 | ||
|
||
要设置SRS Stack以实现安全发布,请按照以下步骤操作: | ||
|
||
1. 一键创建SRS Stack。有关详细说明,请访问[How to Setup a Video Streaming Service by 1-Click](./2022-04-09-SRS-Stack-Tutorial.md) | ||
|
||
1. 创建后,SRS Stack将自动生成一个Publish Secret,例如`5181a08ee6eab86597e913e1f9e4c294`。您可以从`System / Authentication / Update Stream Secret`设置它。 | ||
|
||
1. 从`Scenarios / Streaming`复制OBS设置,包括`Server`和`StreamKey`。例如,`Server`可能是`rtmp://135.98.31.15/live/`,`StreamKey`可能是`livestream?secret=5181a08ee6eab86597e913e1f9e4c294`。 | ||
|
||
打开HLS播放器播放流,例如 `http://135.98.31.15/live/livestream.m3u8` | ||
|
||
例如,您将获得以下网址: | ||
|
||
* Publish URL: `rtmp://135.98.31.15/live/livestream?secret=5181a08ee6eab86597e913e1f9e4c294` | ||
* Play URL: `http://135.98.31.15/live/livestream.m3u8` | ||
|
||
请注意,播放流网址中不包含Publish Secret,防止观众知道Publish Secret。这样观众只能观看流,而不能发布。 | ||
|
||
## Supporting Multiple Streams | ||
|
||
SRS Stack允许用户通过根据需要简单地更改资源名称(流名称)来支持多个流。例如,将流名称从`livestream`更改为`movie`: | ||
- Publish URL: `rtmp://135.98.31.15/live/movie?secret=5181a08ee6eab86597e913e1f9e4c294` | ||
- Play URL: `http://135.98.31.15/live/movie.m3u8` | ||
|
||
或者您可以将`livestream`更改为`sport`: | ||
- Publish URL: `rtmp://135.98.31.15/live/sport?secret=5181a08ee6eab86597e913e1f9e4c294` | ||
- Play URL: `http://135.98.31.15/live/sport.m3u8` | ||
|
||
您可以使用任何您喜欢的名称,例如,`the-10-years-anually-for-you` : | ||
- Publish URL: `rtmp://135.98.31.15/live/the-10-years-anually-for-you?secret=5181a08ee6eab86597e913e1f9e4c294` | ||
- Play URL: `http://135.98.31.15/live/the-10-years-anually-for-you.m3u8` | ||
|
||
SRS Stack允许无限数量的同时流,唯一的限制是您的服务器带宽容量。此外,您可以自由选择任何所需的流名称。 | ||
|
||
## Limitations of the SRS Stack | ||
|
||
然而,SRS Stack也有一些局限性。 | ||
|
||
截至目前,它仅支持使用适用于所有流的全局秘密进行流发布认证。为了保持简单,它不为每个流提供单独的秘密。 | ||
|
||
此外,与YouTube和Twitch不同,SRS Stack不支持更改流名称,这些名称在发布和播放时使用不同的名称。这可能会令人困惑和复杂, | ||
因为它需要一个额外的系统来管理文件名的映射。 | ||
|
||
最后,SRS Stack目前尚未支持播放流的认证,使流视图对所有人公开和可访问。如果您希望限制流的播放,请告诉我们。这个功能包含 | ||
在里程碑中,但没有具体的实施时间表。 | ||
|
||
## Conclusion | ||
|
||
总之,安全性和认证是直播的重要方面,SRS Stack为那些建立自己的流媒体服务的人提供了一个简单的解决方案。 | ||
通过遵循本指南中概述的步骤,您可以确保您的直播服务保持安全并仅对授权用户可访问。 | ||
|
||
![](https://ossrs.net/gif/v1/sls.gif?site=ossrs.io&path=/lts/blog-zh/2023-08-29-Ensuring-Authentication-for-Live-Streaming-Publishing.md) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters