icecast2_listenerauth.html 4.96 KB
Newer Older
j's avatar
j committed
1
2
3
4
5
6
7
8
9
<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>Icecast v2.0 Documentation</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<div class="boxtest">
10
<h1>Icecast 2 Listener Authentication</h1>
j's avatar
j committed
11
<hr id='titlebar' />
j's avatar
j committed
12
13
14
<br />
<br />
<br />
15
16
17
<h2>Listener Authentication</h2>
<p>Listener authentication is a feature of icecast which allows you to secure certain mountpoint so that in order to listen, a listener must provide a username and password.  With this feature a simple pay-for-play operation can be setup.  This section will show you the basics of setting up and maintaining this component.</p>

j's avatar
j committed
18
19
20
<br />
<br />
<br />
21
22
23
24
25
26
27
28
<h2>HTPASSWD Listener Authentication</h2>
<h3>Config File Entries</h3>
<p>In order to use listener authentication, you MUST configure a mount specific option.  This means that you have to provide a &lt;mount&gt; section in the main icecast config file.  The following is an example :</p>
<pre>
    &lt;mount&gt;
        &lt;mount-name&gt;/example-complex.ogg&lt;/mount-name&gt;
        &lt;authentication type="htpasswd"&gt;
                &lt;option name="filename" value="myauth"/&gt;
29
                &lt;option name="allow_duplicate_users" value="0"/&gt;
30
31
32
        &lt;/authentication&gt;
    &lt;/mount&gt;
</pre>
33
<p>To support listener authentication you MUST provide at a minimum &lt;mount-name&gt; and &lt;authentication&gt;.  The mount-name is the name of the mountpoint that you will use to connect your source client with and authentication configures what type of icecast2 authenticator to use.  Currently, only a single type "htpasswd" is implemented.  New authenticators will be added later.  Each authenticator has a variable number of options that are required and these are specified as shown in the example.  The htpasswd authenticator requires a few parameters.  The first, filename, specifies the name of the file to use to store users and passwords.  Note that this file need not exist (and probably will not exist when you first set it up).  Icecast has built-in support for managing users and passwords via the web admin interface.  More on this later in this section.  The second option, allow_duplicate_users, if set to 0, will prevent multiple connections using the same username.  Setting this value to 1 will enable mutltiple connections from the same username on a given mountpoint.  Note there is no way to specify a "max connections" for a particular user.
34
</p>
35
<p>Icecast supports a mixture of streams that require listener authentication and those that do not.  Only mounts that are named in the config file can be configured for listener authentication.</p>
j's avatar
j committed
36
37
38
<br />
<br />
<br />
39
40
<h3>Configuring Users and Passwords</h3>
<p>Once the appropriate entries are made to the config file, connect your source client (using the mountpoint you named in the config file).  To configure users and passwords for this stream you must use the web-based admin interface.  Navigate to http://server:ip/admin/stats.xsl to begin.  If you have configured everything properly, you should see a screen like the following :</p>
41
<img src="listener_auth1.jpg" alt="Screenshot of http://server:ip/admin/stats.xsl" />
42
43
<p>You will see a red key in front of all mountpoint configured for listener authentication.  Also note that this page will only show CONNECTED mountpoints.</p>
<p>To manage users and passwords for this mountpoint, click on the red key or follow the "Manage Authentication" link.  The following screen will be shown :</p>
44
<img src="listener_auth2.jpg" alt="Screenshot of Manage Authentication" />
45
<p>This screen will show all the users configured for this mountpoint.  Adding users is as simple as entering a username and password in the fields and clicking "Add New User".  Note that usernames MUST be unique and there are NO restrictions on passwords.  You can delete users by clicking the appropriate delete link next to each user.</p>
j's avatar
j committed
46
47
48
<br />
<br />
<br />
49
50
<h3>Finishing it all off</h3>
<p>Ok, so you've created your users, and you have everything setup properly, how do your users login ?  Well, we've provided a simple login form that you can use for this purpose.  This page (http://server:port/auth.xsl) will bring up a form that users can use to enter their username and password.</p>
51
<img src="listener_auth3.jpg" alt="Screenshot of http://server:port/auth.xsl" />
52
<p>This page will serve a m3u with the username and password and in most cases should open the correct media player and begin playing your stream</p>
j's avatar
j committed
53
54
55
<br />
<br />
<br />
56
57
58
59
60
<h2>A note about players and authentication</h2>
<p>We do not have an exaustive list of players that support listener authentication.  We use standard HTTP basic authentication, and in general, many media players support this if they support anything at all.  Winamp and Foobar2000 support HTTP basic authentication on windows, and XMMS supports it on unix platforms.</p>
</div>
</body>
</html>