Replies: 11 comments 1 reply
-
|
For that use case, I think using nginx proxy with a secure link plugin or a thing like can do that. |
Beta Was this translation helpful? Give feedback.
-
|
LL-HLS / HLS can be solved but for WebRTC I can't think of any workarounds :) |
Beta Was this translation helpful? Give feedback.
-
|
I assume you're using 'Access Control', just setup API signaling that then terminates the 'View Session' and clears out any active tokens. |
Beta Was this translation helpful? Give feedback.
-
|
I'm using https://docs.ovenmediaengine.com/access-control/admission-webhooks -- so that my backend can control who can publish and who can play. |
Beta Was this translation helpful? Give feedback.
-
|
So what you are looking for is the 'STREAM TERMINATION' You essentially listen for events from OME and once you've got that signal, you generate logic to do what you want it to do. Depending on how you publish, would be how you remove. Mine just listens for 'publish_done' and terminates the view session, by closing down the page. This is an example simplified version of what I do. Once stream has ended, I set the state to isLive = False, my Frontend then handles the clearing out of any tokens. |
Beta Was this translation helpful? Give feedback.
-
|
This is what I created for Nest.js |
Beta Was this translation helpful? Give feedback.
-
|
Oh, but I'm looking to terminate some viewers while keeping others on an active stream, without killing the stream publish (which will disconnect everyone). |
Beta Was this translation helpful? Give feedback.
-
|
Oh that's easy. In my 'Frontend' for 'Admin' on the 'View Channel' I have 'Viewer List' which I can click on the user and ban them, it essentially blocks their 'User ID' for that 'View Channel'. You can set this into the Admissions, to check for 'Banned ID' either based globally or channel based. Mind me asking what you're trying to build? As it might be worth looking at my project 😉😉😉😉😉 I'm doing this and more. |
Beta Was this translation helpful? Give feedback.
-
|
OvenMediaEngine with AdmissionWebhooks only checks authorization once before stream publish or playback. So, when I start viewing a stream with ?token= and it is approved by my backend, even if I remove it, viewer can keep viewing the stream (webrtc/ll-hls) until it's offline. What I want is to have ability to kick viewers from a live stream, where they shouldn't be able to reconnect to live stream back (that one is easy since token is revoked). I'm trying to build a demo that showcases OME's capabilities, and it requires termination of publishers and viewers. With livekit I'm able to kick people off the room (and by using short lived JWT tokens, it works well). It'd be great if OME also gains ability to terminate individual viewers. |
Beta Was this translation helpful? Give feedback.
-
|
This isn't actually part of our current plan. Managing sessions directly in OME would be a big step, and so far, the broadcast industry hasn’t really asked for this kind of feature. That said, it’s definitely an interesting idea. Are there many use cases where you need to directly kick out a playing session? For preview streams, we already support setting a session lifetime through SignedPolicy or AdmissionWebhooks. In online meeting scenarios, it makes sense to have a kick feature to remove a specific user from a room. But since OME is mostly used for broadcasting, we haven't seen much need for that. At the service level, I can imagine not issuing a playback URL to restrict access. But if you could share more about situations where you need to immediately disconnect an active viewer, that would help broaden my perspective. |
Beta Was this translation helpful? Give feedback.
-
|
Imagine you have a tiktok / twitch like site, where one publisher consumed by several viewers. Members are authorized by ?token= on playback start. If publisher wants to kick them from their live stream, playback must disconnect. With WebRTC, playback remains connected. I can invalidate playback token, prevent user from reconnecting to chat, but if you can't kick live viewers out then this won't work. There are certain categories of services rely on this feature, for example almost all cam sites (+18, legal). SignedPolicy is cool but it's not going to work when you want to terminate an active view session. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
I have a cool demo of ovenmediaengine where I can demonstrate origin <-> edge and basic authentication with WebHookAdmissions for publish and playback.
I can terminate publishers easily, it disconnects their OBS (or ffmpeg). But there is no way to terminate viewers who are also using token to authenticate, for example:
https://xx.xx.com:3334/live/test3/llhls.m3u8?token=a36c2d7e-f6f1-4dd4-a366-8e4b6edf9fd9
and backend is responsible for allowing / disallowing playback.
It'd be great to have this feature in my opinion. I can disconnect users from FE with a websocket connection but it won't be secure. Server should be able to terminate view sessions just like it can kick streams offline in my opinion.
Beta Was this translation helpful? Give feedback.
All reactions