-
Notifications
You must be signed in to change notification settings - Fork 641
JWT REST API Filter for Web Management Panel REST Services
Some REST commands which are not Application-specific, such as creating and deleting an app, creating a new user, etc, require an Authentication Filter by logging in to the Web Management Panel. This creates some limitations for people who don't want to use the web panel every time and want access to all of the REST commands. We have created a new JWT filter for those commands which will make you have access to all REST commands without logging on to the management panel.
-
Open the file
/webapps/root/WEB-INF/web.xml
Find and replace the Authentication Filter lines
<filter> <filter-name>AuthenticationFilter</filter-name> <filter-class>io.antmedia.console.rest.AuthenticationFilter</filter-class> </filter> <filter-mapping> <filter-name>AuthenticationFilter</filter-name> <url-pattern>/rest/*</url-pattern> </filter-mapping> </filter>
with the lines below
<filter> <filter-name>JWTServerFilter</filter-name> <filter-class>io.antmedia.console.rest.JWTServerFilter</filter-class> </filter> <filter-mapping> <filter-name>JWTServerFilter</filter-name> <url-pattern>/rest/*</url-pattern> </filter-mapping> </filter>
Be aware that this disables username-password Authentication filter and the web panel will not be accessible from the web browser.
-
Open the
conf/red5.properties
Find and replace the following lines
server.jwtServerControlEnabled=false server.jwtServerSecretKey=
with these ones
server.jwtServerControlEnabled=true server.jwtServerSecretKey=your-secret-key-at-least-32-character
-
Restart the Ant Media Server
sudo service antmedia restart
REST API for the web panel is listed Management REST Service. Web Panel REST methods are binded below https://SERVER_FQDN:PORT/rest/
Let's assume that we've entered this key (cizvvh7f6ys0w3x0s1gzg6c2qzpk0gb9
) as server.jwtServerSecretKey
-
Generate the JWT Token at (JWT Debugger)[https://jwt.io/#debugger-io]. We've entered the Secret key and remove the data field because we don't send payload as shown below. So JWT Token that we can use is
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.tA6sZwz_MvD9Nocf3Xv_DXhJaeTNgfsHPlg3RHEoZRk
-
Let's get the list of Applications from the Server
curl -X GET -H "Content-Type: application/json" -H "Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.tA6sZwz_MvD9Nocf3Xv_DXhJaeTNgfsHPlg3RHEoZRk" "https://SERVER_FQDN:5443/rest/v2/applications"
The response should be something like
{"applications":["LiveApp","WebRTCAppEE"]}
Then, you can use all Web panel REST methods using the header as shown in the sample above.
- Introduction
- Quick Start
- Installation
- Publishing Live Streams
- Playing Live Streams
- Conference Call
- Peer to Peer Call
- Adaptive Bitrate(Multi-Bitrate) Streaming
- Data Channel
- Video on Demand Streaming
- Simulcasting to Social Media Channels
- Clustering & Scaling
- Monitor Ant Media Servers with Apache Kafka and Grafana
- WebRTC SDKs
- Security
- Integration with your Project
- Advanced
- WebRTC Load Testing
- TURN Servers
- AWS Wavelength Deployment
- Multi-Tenancy Support
- Monitor Ant Media Server with Datadog
- Clustering in Alibaba
- Playlist
- Kubernetes
- Time based One Time Password
- Kubernetes Autoscaling
- Kubernetes Ingress
- How to Install Ant Media Server on EKS
- Release Tests
- Spaceport Volumetric Video
- WebRTC Viewers Info
- Webhook Authentication for Publishing Streams
- Recording Streams
- How to Update Ant Media Server with Cloudformation
- How to Install Ant Media Server on GKE
- Ant Media Server on Docker Swarm
- Developer Quick Start
- Recording HLS, MP4 and how to recover
- Re-streaming update
- Git Branching
- UML Diagrams