Access control / password / user management

heo · 14th October 2001, 12:25

In sc_serv.ini it says:

; Password. While SHOUTcast never asks a listener for a password...

I have a problem with that, since I have a need for making a webpage, where only registered users can hear the strem from my SHOUTcast server - whether it's on demand or live broadcast.

Since all links to the SHOUTcast streams are handled directly by the SHOUTcast server I have no change of restricted the access with server side user management, as I do in PHP for all the other content.

I cannot find a way to protect something as
http://myserverip

ort/listen.pls or http://myserverip

ort/content/ondemandfile.pls.

Please help - there must be a way to handle this problem.

There are several arguments to why access control is relevant. Copyrighted material, private audio streams etc. shouldn't be available just by knowing the right link! Perhaps I would set up a small news broadcast with info ONLY for a few registered persons. How do I do that?

Jay · 14th October 2001, 21:00

There is no password protection from listeners in SHOUTcast.

There is also no way to absolutely protect your content from unregistered users software wise, you could set up a firewall to allow only certain IP's access, Win2k has this ability as well.

SomaFM · 16th October 2001, 02:31

In theory, you could have your sign in registration software control a firewall on a Linux box (assuming you're serving on linux). That's what I'd do.

Jay · 16th October 2001, 05:55

Well that solution could pose a problem for people with Dynamic or rotating IP addresses.

also what's to keep an entire network from accessing your stream, to the internet a building can be one IP address.

So there are many obsticles to overcome.

the best solution I have thought of is using something like PHP or another scripting language to redirect the signal to everyone, you could keep your server behind the firewall and then have the public get a script.

Something as simple as redirection might be enough to fool most but you could just echo out the stream to clients who provide correct User and pass info on a page or something.

Just a thought...

14th October 2001, 12:25	#1
heo Junior Member Join Date: Oct 2001 Posts: 2	Access control / password / user management In sc_serv.ini it says: ; Password. While SHOUTcast never asks a listener for a password... I have a problem with that, since I have a need for making a webpage, where only registered users can hear the strem from my SHOUTcast server - whether it's on demand or live broadcast. Since all links to the SHOUTcast streams are handled directly by the SHOUTcast server I have no change of restricted the access with server side user management, as I do in PHP for all the other content. I cannot find a way to protect something as http://myserveriport/listen.pls or http://myserveriport/content/ondemandfile.pls. Please help - there must be a way to handle this problem. There are several arguments to why access control is relevant. Copyrighted material, private audio streams etc. shouldn't be available just by knowing the right link! Perhaps I would set up a small news broadcast with info ONLY for a few registered persons. How do I do that?

14th October 2001, 21:00	#2
Jay Moderator Alumni Join Date: May 2000 Location: Next Door Posts: 8,888	There is no password protection from listeners in SHOUTcast. There is also no way to absolutely protect your content from unregistered users software wise, you could set up a firewall to allow only certain IP's access, Win2k has this ability as well. -Jay \| Radio Toolbox.com

16th October 2001, 05:55	#4
Jay Moderator Alumni Join Date: May 2000 Location: Next Door Posts: 8,888	Well that solution could pose a problem for people with Dynamic or rotating IP addresses. also what's to keep an entire network from accessing your stream, to the internet a building can be one IP address. So there are many obsticles to overcome. the best solution I have thought of is using something like PHP or another scripting language to redirect the signal to everyone, you could keep your server behind the firewall and then have the public get a script. Something as simple as redirection might be enough to fool most but you could just echo out the stream to clients who provide correct User and pass info on a page or something. Just a thought... -Jay \| Radio Toolbox.com

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

16th October 2001, 02:31	#3
SomaFM Member Join Date: Oct 2000 Posts: 81	In theory, you could have your sign in registration software control a firewall on a Linux box (assuming you're serving on linux). That's what I'd do.