[Icecast] uri authentication

Alistair Young alistair.young at uhi.ac.uk
Sat Mar 17 09:21:07 UTC 2012 

thanks for such a detailed answer Leo, just what I needed. The script will authenticate/authorize via LDAP and thanks for the pointers on stats/usage.

cheers,

Alistair

--------------
mov eax,1
mov ebx,0
int 80

On 16 Mar 2012, at 22:58, Leo Currie wrote:

> Alistair -
> 
> That's pretty much correct.
> 
> It might be worth pointing out that the client will probably only prompt you to enter a username and password if it receives a 401 from the server.
> Icecast will respond to the client with a 401 if the call to the authentication script doesn't return the auth header ("icecast-auth-user: 1" by default).
> This is another way of saying that the client normally won't know that it needs to ask you for a username/password without first attempting to connect without a username/password. And so your authentication script will normally be called twice for each connection.
> 
> It's perfectly feasible to write an authentication script that uses something other than the basic HTTP username/password. For example, you could use the IP address to authenticate clients. Any additional parameters tagged on to the mountpoint will be passed on to your authentication script too, so if you had a mountpoint called /stream.ogg and you tried to connect to /stream.ogg?myParam=123 then the value 123 would also be passed in the parameter myParam to your script (url encoded).
> 
> So if you've already setup a website with user authentication, you might be able to allow already-logged-in users to open a stream without any additional login steps by using a session id parameter on the listen link.
> 
> Or you can use the URL authentication mechanism for simply tracking listener start/stop events for usage stats (e.g. Google analytics to track listener events).
> 
> Leo
> 
> On 16 March 2012 12:18, Alistair Young <Alistair.Young at uhi.ac.uk> wrote:
> Hi folks,
> 
> http://www.icecast.org/docs/icecast-2.3.1/icecast2_listenerauth.html
> 
> is uri authentication an extension of http authentication? i.e. if you use uri authentication the user is also asked for their username and password, which are sent to the script via the username and password options?
> 
> thanks,
> 
> Alistair
> 
> --------------
> mov eax,1
> mov ebx,0
> int 80
> 
> _______________________________________________
> Icecast mailing list
> Icecast at xiph.org
> http://lists.xiph.org/mailman/listinfo/icecast
> 
> _______________________________________________
> Icecast mailing list
> Icecast at xiph.org
> http://lists.xiph.org/mailman/listinfo/icecast

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20120317/96f5f34a/attachment.htm>

More information about the Icecast mailing list