Wrench Release notes

wrench-2017.09.22.jar

  • wrench.switchable.public.mode.filtering
  • wrench.http.streamer.request.ignore.token
  • "constant" as a valid public mode setting
  • HTTP request rate limiting feature with DB logging and/or dropping clients exceeding request limit (prevents certain "download helpers")
  • IP and query string taken from requests not only from session when http streamer request checking is enabled

wrench-2017.07.17.jar

  • Fixed a bug where the UI was not accessible in certain cases
  • Initial WebRTC support

wrench-2017.05.22.jar

  • REST API for programmatically kicking out a Wowza session based on username or session ID
  • Supports multiple applications spinning up the web interface without interference

wrench-2016.10.13.jar

  • Redirect to preconfigured video if token is missing or authentication fails: wrench.auth.failed.video.http.url
  • Fixed a bug where the UI was not saving certain numeric values properly
  • Support for Wowza behind proxy server: the IP address can be overridden by arbitrary configured HTTP header, e.g. X-Forwarded-For with wrench.ip.override.http.header setting
  • Bitrate limitation: token resolution can now return a bitrate limit for the user which is if exceeded, Wrench disconnects the user
  • Fixed a bug where the token was not properly parsed out from certain MPEG-DASH requests

wrench-2016.04.12.jar

  • Added support for the http streamer request checking feature for MPEG-DASH
  • Database connection is tested upon startup
  • Minor logging tweaks
  • Fixed occasional NPE when the stream was rejected
  • Fixed the bug where certain SQL exceptions got logged as NPE hiding the root cause
  • Removed slf4j from the build
  • New option: wrench.dbcp.max.idle.size that allows more control on the connection pool
  • Fixed duplicate Content-Type header issue on certain outgoing messages that caused problems on IIS

wrench-2016.01.01.jar

  • Web user interface for configuration and management (list sessions, kick user)
  • IP parameter available in token resolver query
  • Java 8 is mandatory
  • applicationName and applicationInstanceName available in MDC (so you can display it in your log4j configuration)
  • Introduced wrench.server.logical.name (available in lifecycle hooks as parameter)
  • IP bypassing also supports subnets with CIDR notation

wrench-2015.07.24.jar

  • Stream name and session id available as parameter in the disconnect SQL hook
  • New convencience parameter: wrench.bypass.publish.allowed

wrench-2015.07.16.jar

  • Fixed the HTTP Accept header of outgoing POSTs, they are now application/json

wrench-2015.05.19.jar

  • Configuration fully cleared out after reading it on startup, to address a security issue

wrench-2015.05.11.jar

  • Fixed java.lang.NullPointerException at certain circumstances in the PPM engine

wrench-2015.05.01.jar

  • IP address is also available in token resolver webservice request
  • wrench.force.secure.transport option to force secure transport

wrench-2015.04.14.jar

  • Introduced webservice based token resolution mechanism
  • Optional encoder flag checking upon publishing
  • New attribute "eventType" in the JSON messages sent upon play and publish, that helps decision in the auth webservice
  • Fixed Content-Type headers in the outgoing JSON messages, application/json; charset=UTF-8 has been added

wrench-2015.03.26.jar

  • Fixed a bug in drop duplicate mechanism that caused dropping the newcomer instead of an existing player
  • PPM/PPV HTTP event publishing feature
  • wrench.duplicate.check.sql allows concurrency checking in multi-edge setup
  • Repackaging from com.wowzatoolbox to com.streamtoolbox

wowza-wrench-2015.02.14.jar

  • wrench.bypass.ip option allows specifying a list of IP addresses that can bypass any check. This can be used for some hardware encoders that don't allow passing the token
  • wrench.connect.authorization.url allows hooking up external webservices that are asked if the current connection should be accepted or not

wowza-wrench-2015.01.23.jar

  • New lifecycle hook wrench.duplicate.drop.sql
  • wrench.http.streamer.request.check.enable option to validate every single HTTP request received (only works with Wowza Streaming Engine 4.1.x)

wowza-wrench-2014.11.27.jar

  • wrench.rtp.check.enable switch allows disabling the RTP protocol checking which is needed if using IP cameras
  • Fixed a bug that caused wrong concurrency limit calculation, had to set n+1 if you wanted n
  • Released wrench.duplicate.drop.other toggle for kicking off existing user if a new user comes with the same username over the limit

wowza-wrench-2014.11.18.jar

  • Introduced plain as an option for wrench.token.hasher to support users who deliberately want less security
  • Added encoder as a SQL parameter in wrench.connect.authorization.sql

wowza-wrench-2014.11.05.jar

  • Introduced wrench.http.referrer.whitelist and wrench.http.referrer.blacklist features that allow limiting player access based on this HTTP header
  • Introduced wrench.verbose.logging switch that is on by default, but if switched off, the amount of logging is reduced
  • Publish stream events (start, stop, play, pause) by calling arbitrary HTTP endpoint POSTing JSON messages

wowza-wrench-2014.09.29.jar

  • Introduced wrench.user.agent.whitelist and wrench.user.agent.blacklist features

wowza-wrench-2014.09.22.jar

  • Introduced wrench.publish.authentication.query which enables per stream / per user permission checking upon RTMP and RTP publishing
  • Allow using :username in token invalidation query
  • Fixed NPE when RTP client starts streaming from Wowza GoCoder on iPhone
  • Fixed query param parsing, trailing slashes are now handled properly

wowza-wrench-2014.09.01.jar

  • Added :hashedtoken parameter to PPM/PPV sql queries
  • The client type (is encoder or not) can be determined by the token resolver query's new optional return column
  • Better error handling in the monitor job
  • Fixed a bug that prevented PPM queries to be executed in case of Flash clients and VOD

wowza-wrench-2014.07.28.jar

  • Added :stream as a parameter to wrench.connect.authorization.sql, so per stream user authentication is possible

wowza-wrench-2014.06.24.jar

  • Fixed a bug that caused wrench.connect.authorization.sql not to work under certain conditions

wowza-wrench-2014.06.11.jar

  • Fixed a bug that caused concurrency checking mechanism not being configured properly under certain conditions
  • Minor improvements in logging

wowza-wrench-2014.05.05.jar

  • Dynamic public/secured mode switching via file or SQL query based switch
  • Minor bugfixes

wowza-wrench-2014.05.02.jar

  • Added support for RTP and MPEG-DASH streaming
  • New DBCP parameters can be configured (maxWaitTime, etc.)
  • New lifecycle hook wrench.ppm.disconnect.sql that allows dynamically dropping players if their PPM balance goes down
  • Bugfix: token invalidation query was not performed if logging was not on debug level
  • Free version's player limit decreased to 25 (sorry)

wowza-wrench-2014.04.24.jar

  • Added support for HTTP based streaming such as San Jose, Cupertino and Smooth streaming
  • Concurrent playing is cross-checked between RTMP and HTTP based streams

wowza-wrench-2014.04.21.jar

  • Token IP address checking
  • Token expiration time checking
  • Duplicate player filtering

wowza-wrench-2014.04.16.jar

  • Bugfix
  • Param substitution changed from pure JDBC to :param style for the update sql run when disconnect

wowza-wrench-2014.04.11.jar

  • Easier SQL parameter binding everywhere by using the :paramname notation instead of ? marks
  • No need to add any external dependencies to lib manually except the JDBC driver, everything is packed into a single fat jar

wowza-wrench-2014.04.10.jar

  • Introduced pay-per-minute and pay-per view features

wowza-wrench-2014.04.06.jar

  • Initial launch of Wowza Wrench with the basic user authentication and SQL hook based authorization functionality.