Starting with build 900, AVChat 3 introduces a new security feature called “token based authentication”. When enabled this prevents 3’rd party swf files (hosted on other web sites than your own or by malicious users) to connect to your media server. There are other security measures in place to prevent this however token based authentication is the most secure!
This feature is turned off by default because with it enabled:
- it takes slightly more time for users to connect to the media server,
- it might cause some connection attempts to the media server over slow Internet connections to fail
- we’ve only had a few clients that really needed this feature!
How o turn it on:
- install AVChat
- edit the settings file on the media server (avchat3.properties on Red5 and Wowza, settings.asc on FMIS)
- set the value of the tokenUrlLocation variable to the absolute url to token_verify.php (token_verify.php is in the folder where you installed AVChat on your website, good example: http://avchat.net/demos/av30/token_verify.php)
- restart the media server