Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Implementing Stream Security in Red5


This example demonstrates how to secure playback and publish operations on Red5 / Red5 Pro using IStreamPlaybackSecurity and IStreamPublishSecurity interfaces respectively.

to implement security an application needs to do the folowing :

  1. Capture client parameters
  2. Implement the IStreamPlaybackSecurity and/or IStreamPublishSecurity interfaces to intercept playback and publish
  3. Within the intercepting methods of the implementations access client parameters and validate the action (publish/subscribe)

The entire process is explained in details in the following links. It is recommended that you read through before attempting to install this application.

Build & Deploy


To build this application : open a shell prompt in the application's project directory (where the pom.xml file resides). run the following maven command in your shell ->

mvn clean package 

The above command will generate a war file in the target directory inside the project directory.


To deploy the war to red5 pro server :

  1. Stop server if it is running.

  2. Extract the content of the war file to directory by war name.

The java war file is simply a archive file similar to zip format. you can extract it using a archive tool such as 7zip, Winrar trial etc

  1. Copy the folder into RED5_HOME/webapps/ directory.

  2. Start server.

How To Use Example

To see this example in action, deploy this application (stream-security-demo) on your server. Connect to the wb application and attempt to publish / subscribe.

  1. To publish to a stream successfully, your client must pass a parameter called 'token' with the value of 'red5pro#publisher'.

Code link: https://github.com/rajdeeprath/red5-development-series/blob/master/code-examples/server-side/red5-stream-examples/stream-security-demo/src/main/java/org/red5/streams/examples/security/PublishSecurity.java

  1. To subscribe to a stream successfully, your client must pass a parameter called 'token' with the value of 'red5pro#subscriber'.

Code link: https://github.com/rajdeeprath/red5-development-series/blob/master/code-examples/server-side/red5-stream-examples/stream-security-demo/src/main/java/org/red5/streams/examples/security/PlaybackSecurity.java

Check out Capturing client params, to see how to pass parameters to the application for RTMP/RTSP/WebRTC.


You can edit the server side code in your eclipse JEE IDE such as Luna, Mars, Neon etc. To import the code into your IDE:

  1. Navigate to the repository folder
  2. Execute maven command mvn eclipse:eclipse. This will generate files necessary for eclipse to read the maven project properly.
  3. In eclipse go to File -> Import -> Existing Maven Projects and click Next.
  4. Browse and select the project root and Click Finish to import the project.

Additional Notes

Reference Links

Capturing client params

Intercepting and validating publishers

Intercepting and validating subscribers

Writing a Red5 Pro plugin