Switchable Streaming Mode

Ever wondered if you could make only specific parts of your broadcast public? You can now use Wowza Wrench to dynamically switch your streaming mode between secured mode and public mode. In secured mode all your clients must go through all the configured phases of authentication and authorization that you can configure using Wrench. This previous article about user authentication and authorization using Wrench will give you the basic idea about setting up this. You can verify the expiration of the token, the associated IP address or even hook your own SQL queries to perform permisson checking. All clients that joined the stream using a valid token are referred to as verified clients.

When you switch to public mode, Wrench allows clients to connect with and without verification, so you'll end up with having a set of clients being verified and some not. When you turn the switch back to secured mode, Wrench will drop all the unverified clients. This switching can be made quickly any time during your broadcasted event.

Switch Mechanisms

Wrench currently offers two configurable ways to implement your mode switch. One is the so called file mode, which means that Wrench periodically checks whether a particular file exists or not. The other option is the custom SQL based switching, which means that a query is executed on the configured database and if it returns any rows, the mode is assumed to be public. This two gives you a very flexible way to integrate mode switching with your backend system.

Possible Use-cases

  • Broadcast the public opening ceremony of a sports event and later switch to secured mode
  • Broadcast particular panels of a conference public, some secured
  • You name it..

Example Configuration

If you are not familiar with the basic setting up of Wrench, please read this article first. Create a table in your database which will store the per application mode switches:

CREATE TABLE `wtb_public_mode` (
  `id` int(11) NOT NULL,
  `application` varchar(64) NOT NULL,
  `mode` varchar(64) NOT NULL DEFAULT 'secured',
  PRIMARY KEY (`id`)

INSERT INTO wtb_public_mode (id, application, mode) VALUES (1, 'myapplication', 'public');

Switch on the dynamic public mode switching feature in your Application.xml

  <Property><Name>wrench.switchable.public.check.sql</Name><Value>select 1 from wtb_public_mode where application=:application and mode='public'</Value></Property>

Now connect with a client that has a valid token and can pass the configured authentication (see this for details) and with one that has no token at all. Wrench should allow both to join the stream. When you execute the following query:

update wtb_public_mode set mode='secured' where application='myapplication'

Wrench will see the transition (check are executed periodically, default is 10 sec) and it will drop the unverified client.

For all the configuration details please check the reference. An overview of the authentication mechanism can be found here.

Write new comment