DRM secure streaming Adobe Access DRM authentication and secure stream protection from within JW Player 6 for Flash desktop.


The Secure DRM Plugin is used to provide secure DRM flash video content to JW Player 6.

Username: adobe
Password: adobe

The plugin supports ident user login encrypted content which will provide a login window and anonymous encrypted content which will obtain a token and play the video automatically.

Flash DRM content is provided by Adobe Flash Access 2.0 using either self hosted or flash access provider servers.

More information

Supported Flash Access Providers

Requirements

The Secure DRM plugin requires Flash 10.1 and a Flash Access module updated on the system for playback to work. JW Player does not support the Express Installer therefore players cannot be updated automaticall. The plugin will also automatically download the Flash Access module for the Flash Player automatically before playback resumes.

Note:


Flash has ceased to load on Android 4.1 browsers therefore Flash Access DRM Mobile applications are required to be built for Android and IOS instead. The sample Android application is available here http://www.ezdrm.com/downloads/AdobeFASSampleVideoPlayers.zip and the IOS Flash Access DRM SDK with an example player is available here http://www.adobe.com/support/documentation/en/adobeaccess/ with SDK instructions here http://www.adobe.com/support/adobeaccess/pdfs/client/ios_readme.pdf

NOTE:

Since JWPlayer 6.9 the open source players cannot load providers so the demo is not functional. This requires commercial versions of the player to function.

Features

  • Secure encrypted video content for Flash desktop players.
  • Member user authenticated streaming.
  • Anonymous authenticated streaming using the EZDRM Pre-Authentication feature.
  • Persistent content protection.
  • Flexible usage and expiry rules provided by the server side authentication.
  • Notification messages for DRM authentication errors.
  • Built in Flash player version checking support.

Known Issues

  • There is limitations with the JW Player provider api making the plugin unavailable to obtain DRM events from the stream. Customised HTTP and RTMP provider plugins are provided.
  • The original RTMP provider dispatches "onMeta" events on all stream events, this is not the case anymore and will only dispatch on actual metadata events.
  • Flash Access DRM requires Flash Player version 10.1 and above. JW Player does not have the ability to check player versions and silently upgrade for player embeds. Use the internal version check feature or use swfobject for player embedding. This will therefore disable the JW Player api completely.
  • For Windows Chrome users using the built in Flash plugin they will experience a security banner notification accepting the domain to enable the DRM client to gave sandbox access which is required for storing licenses.
    Users who click deny will be prompted with a message on how to enable it again. See http://helpx.adobe.com/adobe-access/kb/error-3321.html.

Demo

Contact for a site or local demo download.

(Current Version 4.0.0)

Compatibility

  • JW Player 7 and above

Purchase

License Options
Domain(s)

(Version 4.0.0)

License Information

The SecureDRM plugin is a once off commercial license with updates and support to the SecureDRM plugin only. JW Player related questions and support may be provided on their forums at http://www.longtailvideo.com/support/forums/jw-player/

  • Multi Domain License - Suitable for larger sites and video platform sites with updates, feature requests and unlimited priority support included.

Note:

With your purchase please provide your domains to be provided with your licensed plugin. New domains need to be requested manually for the moment.

Refund Policy:

Please try the demo before purchase or request for a 60 day site demo. Refunds will not be issued unless under some circumstances sorry for the inconvenience.

How Does It Work ?

Using a DRM packager tool provided by the Flash Access Server or a Flash Access Provider, the content is encrypted with the required information to authenticate itself with the configured Flash Access Server URL to obtain a license before the Flash Player will accept playback.

Below is the workflow of DRM authentication :

  • Mp4 / FLV encrypted file is requested for playback via HTTP / RTMP.
  • DRM encrypted headers and information is parsed in the file from the Flash Player and checked if a license is stored in the client cache.
  • If the license has expired or not stored in the client cache, it will request to obtain a license from the Flash Access server.
  • Depending on the authentication type encrypted in the content the Flash Access server will determine an authentication event.
  • For user authentication content, the user will be prompted for a login which will be checked against a members database authentication url configured in the Flash Access server or Flash Access Provider server.
  • The members database server script will return a user configurable variable output with a success state and a license expiry.
  • The Flash Access server will use this information and return to the client to store the license for the expiry period and allow playback.
  • Anonymous authentication works similar but the license is pre-authenticated with an anonymous login configured in the members database however the license expires immediately and has to be requested each time.

List Of Examples

Examples

User Authentication

Ident user authenticated content enables a user logging into an authentication server either a members database or a htpasswd Auth Basic system on a web server.

The packaged encrypted content will make a request to the flash access server which has been configured with an authentication server to allow/deny the user.

Once the user is authenticated, a drm voucher is downloaded to the configured expiry set by the flash access server.

Configuration

No extra configuration is required for user authentication, a login dialog window will display to prompt for a member login.



(function(jwplayer) {


    jwplayer("drmIdentPlayer").setup({
            flashplayer: "jwplayer.flash.swf",
            width: 660,
            height: 350,
            playlist: [
                    {
                        file: "http://videos.electroteque.org/BigBuckBunnyPreAuth.mp4",
                        type: "flv",
                        provider: "drmhttp-provider.swf"
                    }
            ],

            plugins: {
                "securedrm-4.0.0.swf": {
                    displayNotifications: true,
                    checkVersion: true
                }
            }
    });



})(window.jwplayer);




Configuration:
property / datatype default description
authCount
int
3 The number of authentication attempts before displaying a failure.
rememberLogin
boolean
false The ability to remember the member login so when a license has expired it will use the cached login to prevent displaying a login window for each video. Login is securely encrypted and stored in a Flash cookie for added security. Note: This uses Flash sharedobjects which does not have secure storage natively compared to Adobe AIR, the encryption provides added security from cleartext storage. If the member login has changed, a login attempt greater than `authCount` will force the cache to clear and display a login window.
loginExpiry
int
0 If set, the `loginExpiry` can force the login cache to expiry after a certain number of days.
sid
string
If set a session id can be used as the password when Pre-authentication features are being used and the details are built into the plugin.
displayNotifications
boolean
false Display authentication notification messages.
versionCheck
boolean
false Enable built in Flash 10.1 version check.
notifications
object
The config for the notifications display.

Notifications

The notifications config enables to style and configure the notifications message dialog.

property / datatype required description
preAuthError
string
Playback Failed Please Try Again The pre authentication error message.
authError
string
Authentication Failed Exceeded Login Attempts The user authentication error message.
versionError
string
Flash Version Required is 10.1 and above, please visit http://get.adobe.com/flashplayer/ to update it. The version error message.
userSettingsError
string
On Windows Chrome Browsers you must accept the browser security banner to begin playback.
Please visit http://helpx.adobe.com/adobe-access/kb/error-3321.html to reset your changes.
For Windows Chrome users using the built in Flash plugin they will experience a security banner notification accepting the domain to enable the DRM client to gave sandbox access which is required for storing licenses. Users who click deny will be prompted with a message on how to enable it again. See http://helpx.adobe.com/adobe-access/kb/error-3321.html.
style
object
{ padding: 40, color: "rgba(56, 56, 56, 1)", borderSize: 0, borderColor: "rgba(0, 0, 0, 1)", cornerRadius: 10, message: { fontFamily: "Arial", fontSize: "12px", color: "#FFFFFF", fontWeight: "normal", textAlign: "left" }, link: { fontFamily: "Arial", fontSize: "12px", color: "#000000", fontWeight: "bold", textAlign: "left" }, hover: { fontFamily: "Arial", fontSize: "12px", color: "#FFFFFF", fontWeight: "bold", textAlign: "left" } } The notifications styling config.
showDelay
number
500 The duration in milliseconds to fade in the notification.
hideDelay
number
2000 The duration in milliseconds to fade out the notification.

Notifications Styling

The notifications style config for the message dialog.

property / datatype required description
padding
number
40 The amount of padding around the text used to set the size of the display.
color
string
rgba(56, 56, 56, 1) The background color in hex or rgb format with an alpha setting.
borderSize
number
0 The size of the border.
borderColor
string
rgba(0, 0, 0, 1) The border color in hex or rgb format with an alpha setting.
cornerRadius
number
0 The corner radius size.
message
object
{ fontFamily: "Arial", fontSize: "12px", color: "#FFFFFF", fontWeight: "normal", textAlign: "left" } The message text styling.
link
object
{ fontFamily: "Arial", fontSize: "12px", color: "#000000", fontWeight: "bold", textAlign: "left" } The link styling.
hover
object
{ fontFamily: "Arial", fontSize: "12px", color: "#FFFFFF", fontWeight: "normal", textAlign: "left" } The link hover styling.

EZDRM Anonymous Pre-Authentication

This example provides support for anonymous authentication with EZDRM Pre-Authentication system. For content encrypted with the pre-auth selection in the EZDRM packager tool, this feature will preload a session by providing the supplied pre-auth token and anonymous username and password setup in the members authentication server. This enables a page to be pre-authenticated by requesting a pre-authorize request on the flash access server with a configured anonymous login. The anonymous login will be authenticated by the auth login server.

For the player to be configured for an embedded / configured pre-authorize request the playlist item property `securedrm.preauth` to preload the session before playback.

Note: For the pre-authorisation system to work the swf files are required to be loaded on the same domain / sub domain as the page and cannot be loaded remotely ie on cname'd cdn urls due to a domain check in the EZDRM system. If you require your swf files to be loaded off a CDN url request to have this security check disabled.

Note: The anonymous preauth config can be compiled into the plugin on request.


(function(jwplayer) {

    jwplayer("drmPreAuthPlayer").setup({
            flashplayer: "jwplayer.flash.swf",
            width: 660,
            height: 350,
            playlist: [
                    {
                        file: "http://videos.electroteque.org/BigBuckBunnyPreAuth.mp4",
                        type: "flv",
                        provider: "drmhttp-provider.swf",
                        'securedrm.preauth': true
                    }
            ],
            plugins: {
                "securedrm-4.0.0.swf": {
                    username: 'adobe',
                    password: 'adobe',
                    preAuthKey: 'p3d9v',
                    preAuthTimeout: 1,
                    displayNotifications: true,
                    checkVersion: true
                }
            }
    });

})(window.jwplayer);




Configuration:
property / datatype default description
preAuthKey
string
The `preAuthKey` is given by EZDRM on request to be used by the pre-auth service. consider configuring into the plugin.
username
string
adobe The anonymous username to use for authentication with the user authentication server. consider configuring into the plugin.
password
string
adobe The anonymous password to use for authentication with the user authentication server. consider configuring into the plugin.
preAuthTimeout
int
1 | The timeout in seconds the session request is active for before DRM authentication with the Flash Access server commences.

More protection

The pre-auth information is exposed in the html which may be undesirable. For pre-auth login information, temporary or session guid's could be used instead.

The pre-auth information can also be compiled into the plugin on request.