Page History: Understanding the Webcast security model
Compare Page Revisions
Page Revision: 2009/05/18 00:32
Many Webcasts are configured to limit access in some way, and these limitations apply to the MetaService's data and underlying binaries like pdf files and media streams as well.
The Webcast object you retrieve when you call WebcastGet contains Urls to binaries and mediastreams. You can download the files at those Urls, or link to them directly from within your own application, as long as each request for a Url includes a valid authorization cookie.
MetaService clients and users receive this per-webcast authorization cookie by visiting the Url in Webcast.RegisterUrl.
The application at Webcast.RegisterUrl is our gatekeeper, and it provides access with 3 seperate scenario's in mind:
Publish a link to the Company Webcast Player
When a webcast has access limitations configured:
When a user clicks on RegisterUrl he is presented with an authentication form. Once the form is completed the user is redirected to the Companywebcast Player.
When a webcast has no access limitations:
When a user clicks on RegisterUrl, he is redirected to the Companywebcast Player.
Publish a link directly to a binary or media stream
When a webcast has access limitations configured:
You can build completely custom end user experiences by using the Urls to streams and binaries directly in your own application. However, the user interface of the authorization process is always hosted by Companywebcast. Depending on the type of access limitations applied to a Webcast, you may have to implement some kind of overlay that displays the form at Webcast.RegisterUrl.
The default behaviour of Webcast.RegisterUrl is to display a form, and after successfull completion, redirect the user to a Companywebcast Player. You can override where the user is redirected after successfull completion, and in stead redirect the user to a page within your own application.
You do this by formatting your call to RegisterUrl like this : Webcast.RegisterUrl?ref=http://yoursite/yourfile
When a webcast has no access limitations:
Use the Urls to streams and binaries directly in your application.
Retrieve binaries to local storage
Your MetaService client can use the Urls to binaries and mediastreams to retrieve and store files locally. For this to work your client will have to send a valid authorization cookie along with every request for a binary or mediastream. Because webcasts may have access limitations in place that require interactive input from the user, we've provided to "known" users a way of retrieving an authorization cookie directly.
You can retrieve a valid cookie per Webcast by POSTing your MetaService account details to Webcast.RegisterUrl.
Your account details have to be formatted like this : Username=YourUsername&Password=YourPassword
This is an example of a valid request to Webcast.RegisterUrl:
POST /rotterdam/20090409_1/nl/authenticate/register HTTP/1.1
Accept: */*
Content-Length: 32
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Jakarta Commons-HttpClient/3.1
Host: player.companywebcast.com
Connection: Keep-Alive
Cache-Control: no-cache
Username=testusername&Password=testpassword