问题描述
目前为了能够方便开发者,我们将EasyDarwin中的RTSP认证过程直接忽略过了,如果要开启认证的方式,我们可以在代码中打开:
case kRoutingRequest: { // Invoke router modules numModules = QTSServerInterface::GetNumModulesInRole(QTSSModule::kRTSPRouteRole); { // Manipulation of the RTPSession from the point of view of // a module is guaranteed to be atomic by the API. Assert(fRTPSession != NULL); OSMutexLocker locker(fRTPSession->GetSessionMutex()); for (; (fCurrentModule < numModules) && ((!fRequest->HasResponseBeenSent()) || fModuleState.eventRequested); fCurrentModule++) { fModuleState.eventRequested = false; fModuleState.idleTime = 0; if (fModuleState.globalLockRequested) { fModuleState.globalLockRequested = false; fModuleState.isGlobalLocked = true; } theModule = QTSServerInterface::GetModule(QTSSModule::kRTSPRouteRole, fCurrentModule); (void)theModule->CallDispatch(QTSS_RTSPRoute_Role, &fRoleParams); fModuleState.isGlobalLocked = false; if (fModuleState.globalLockRequested) // call this request back locked return this->CallLocked(); // If this module has requested an event, return and wait for the event to transpire if (fModuleState.eventRequested) { this->ForceSameThread(); // We are holding mutexes, so we need to force // the same thread to be used for next Run() return fModuleState.idleTime; // If the module has requested idle time... } } } fCurrentModule = 0; // SetupAuthLocalPath must happen after kRoutingRequest and before kAuthenticatingRequest // placed here so that if the state is shifted to kPostProcessingRequest from a response being sent // then the AuthLocalPath will still be set. fRequest->SetupAuthLocalPath(); if (fRequest->HasResponseBeenSent()) { fState = kPostProcessingRequest; break; } //!!! 这里打开对RTSPSession进行授权认证的过程 !!! if (fRequest->SkipAuthorization()) { // Skip the authentication and authorization states // The foll. normally gets executed at the end of the authorization state // Prepare for kPreprocessingRequest state. fState = kPreprocessingRequest; if (fRequest->GetMethod() == qtssSetupMethod) // Make sure to erase the session ID stored in the request at this point. // If we fail to do so, this same session would be used if another // SETUP was issued on this same TCP connection. fLastRTPSessionIDPtr.Len = 0; else if (fLastRTPSessionIDPtr.Len == 0) fLastRTPSessionIDPtr.Len = ::strlen(fLastRTPSessionIDPtr.Ptr); break; } else fState = kAuthenticatingRequest; } 这里将kAuthenticatingRequest流程打开就能够进行RTSP认证的验证过程了,那么还有一种Token验证的方式,这种方法就类似于RTMP里面的认证方式,在流名称后面增加认证的Token串作为请求URL的QueryString发送给服务器进行动态认证,那么这种方式,我们可以在RTSPSession::SetupRequest中进行Token的相关过滤:
void RTSPSession::SetupRequest(){ // First parse the request QTSS_Error theErr = fRequest->Parse(); if (theErr != QTSS_NoErr) return; // 对RTSPRequest进行Token解析 StrPtrLen *token = fRequest->GetValue(qtssRTSPReqQueryString); //TODO::对Token进行自定义验证,失败返回401等相应错误码 // // let's also refresh RTP session timeout so that it's kept alive in sync with the RTSP session. // // Attempt to find the RTP session for this request. OSRefTable* theMap = QTSServerInterface::GetServer()->GetRTPSessionMap(); theErr = this->FindRTPSession(theMap); EasyDarwin RTSP认证方式
基于配置文件中用户名/密码认证的方法可参考:
RTSP动态认证的方式可以参考博客《》
EasyDarwin Token认证方式
我们可以自定义一个EasyDarwin的Module,再在上述中的RTSPSession::SetupRequest中,将token以参数的形式传递给Module进行认证处理,其处理流程可以模仿《》中的流程进行;
Github
EasyDarwin开源流媒体服务器:
获取更多信息
邮件:
WEB:
Copyright © EasyDarwin.org 2012-2016
