[icecast-dev] User authentication schemes

[Bryan Jay Miller]

After reviewing the discussion from early November regarding user 
authentication and subscription schemes in Icecast, I've been chewing 
on some ideas to implement this in a flexible way that has benefit to 
everyone and minimal impact on the core server. Because everyone's 
subscription/authentication needs are going to differ, it probably is 
best to keep as much of the auth logic external to the server.

In our particular situation, we would simply like to authenticate users 
to a mountpoint, and it's important that no more than one person can 
log on at a time using the same username and password pair. We'd like 
to store our username, password and mount authorization in a MySQL db.

What about SOAP (or would this be an RPC)? When a client connects, a 
SOAP object is sent to the subscription/authorization server containing 
the username, password and requested mount. The auth server can then 
process this and return true or false. Then when the client logs off, 
another object would be sent to note that event. The cool thing about 
this is that you can write whatever authorization logic you'd like. 
Icecast just has to send the objects (and get a response when someone 
is logging on) with no knowledge of how the decision to authenticate or 
not is made. Or is there better/easier protocol or method to use to get 
the same effect?

I would guess this could also be done with URL calls as well but how 
would Icecast accept the response? Is this ability built into the httpp 
library?

Any and all suggestions welcome...

Thanks - bryan

--- >8 ----
List archives:  http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-dev-request at xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.