tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Chaney <a...@compulsivecreative.com>
Subject Re: Streaming Video Media
Date Mon, 12 May 2008 12:42:33 GMT
My understanding is that you want your users to be able to *view* a 
streaming file but not download it to their file system?

Unfortunately there is no way to absolutely prevent this happening, 
because the data of the file MUST be transferred from the server to the 
browser to allow the end user to watch it.

There is no mechanism in tomcat or any other web server which can 
control what the user does with data when they have acutally got it in 
their browser.

The best thing that you can do is to try and avoid having the download 
link actually appear in the web page. This can be done by for example 
having a Flash player to play the video and writing ActionScript to make 
a specific request to your server using some kind of obfuscated URL. Of 
course, this mechanism will not stop someone with any understanding of 
HTTP and HTML from discovering the correct URL to use, but it will stop 
people just casually right-clicking on a link and downloading it.

The only other alternative is to employ some kind of DRM system, but I 
guess you don't want to go that way.

HTH

Alan Chaney



bperquku wrote:
> thank you for your reply,
> Actually my webapp uses a db authentication, but even registered users will
> not have to download videos, only to see them.
> 
> thnx.
> 
> 
> 
> Александър Л. Димитров wrote:
>> Hi, 
>>
>> Quoth bperquku:
>>> Hi,
>>> I installed Tomcat 6.0. I have sample webapp that streams's video
>>> content.
>>> Is it possible somke how to protect video from downloading
>> Simplest suggestion: why don't you just let the webapp authenticate the
>> user
>> against some user DB? If security isn't a concern there are even simpler
>> methods
>> (like, md5-hash the password and store it locally).
>> Query for it with a JS input dialog or an http form. If it's supposed to
>> be very
>> secure, use SSL on top.
>>
>> Aleks
>>
>>  
>>
> 

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message