01-25-2009 12:45 PM
I am working on a project now for a site that uses Brightcove to host their streaming videos. Soon a members section will be added where certain videos can only be accessed by registered users who have paid a fee to watch the vid. I was wondering if anyone else has tackled this or similar authentication issues, and if so, are there any potholes to watch out for regarding the Brightcove APIs, or will they make my life easy, or is this an impossible dream, or...any feedback would be appreciated. I searched the forums but didn't see anything related. I will continue reading through all the Brightcove documentation and likely post again as I learn more, but I just wanted to see if anyone else had any helpful info in the meantime.
Thanks in advance :)
Solved! Go to Solution.
01-25-2009 05:08 PM
A couple of points to consider when you want to keep your videos more secure.
1. If your account is currently not configured for FMS delivery (i.e. all your videos are delivered via HTTP), you may want to consider requesting our customer support team to switch you to FMS. Brightcove's FMS integration with the Limelight CDN provides some extra content protection schemes than vanilla HTTP. A TTL (time to lived token) is attached to each URL which helps prevent deep linking. With HTTP delivery one can easily download the file if they know the URL.
2. You should configure your players so Domain Restriction is turned on and the player's publishing code can't be placed on other websites. You can configure your player so it will only load on your domain.
"Restrict to your web domain: Enter a complete URL (such as http://example.com) to restrict your player's availability to this particular domain. Leave out the "www" in the URL for more flexible restriction. Be sure to include either http:// or https://. "
3. You can also disable viral sharing for your important videos, or remove the "get code" function from your player completely. Then one can't republish the video on another website.
You can learn more about these settings in this Help Center document.
After you've got this covered your can simply place the relevant players behind your own authentication system, requiring special user authorization to access the players!
I hope this helps! If you have more questions during this project don't hesitate to post back!
04-21-2011 08:21 AM
Establishing domain restriction by IP Address won't work very effectively since we perform a pattern match on the domain path of the URL. If you want users to use https://evintranet then this would never match the IP Address string. I presume our validation for the field requires some domain in the form of 1234.ABC? If so could you consider an internal domain like evintranet.local? That's what we have done for some systems at Brightcove.
Alternatively, if you need real strong protection we have some advanced features that can lock the players of an account to only load within specific corporate networks. This operates differently than domain restriction as we actually verify that the user is accessing the player on the configured network address. This feature would match your specific needs for Intranet use cases, but is only available in our Enterprise edition. If this is interesting to your company, then I would suggest discussing the option with your account manager.
04-22-2011 08:15 AM
Sam, Sorry for the delayed response. I receive a daily digest of forum activity so I just received your request this morning. I'll have someone touch base with you.
04-22-2011 09:42 AM
I have touched base with your Account Manager who will plan to touch base with you on this subject and the planned professional services work as well.
06-06-2012 10:28 AM
I am looking for the same information but I am not getting any response from my account rep. We have the enterprise version and need to set up a internal video library for our internal employees only.
Can someone contact me please.