ATS support for signed cookies

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

ATS support for signed cookies

Ricardo Balbinot
Hi everyone,

We are developing an applications that uses (sometimes) ATS as a proxy/cache between our client and our origin server (for video files). 
Our problem is that in some cases the user may access the origin server directly and on other situations it travels through ATS. 
Anyway, in both cases I need to secure my files (and we want another solution besides DRM for all videos). As I understand, in some cases (video like HLS, for instance) the use of signed URLs its not interesting (I see that now.... cause I need a signed URL for each file). 
So my question is: is there any kind of support to signed cookies in ATS? 

Best regards and thank's a lot. 
Ricardo

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: ATS support for signed cookies

Eric Friedrich (efriedri)
Hi Ricardo-
  I don’t think ATS has any built in support for signed cookies, but the plug in mechanism should make adding this an easy task. Both the LUA and C++ plugins can set and get HTTP cookies. It shouldn’t be too hard to verify the signature on the cookie instead of the URL. 

You could look at the URL signing plugin for inspiration: https://github.com/apache/trafficserver/tree/master/plugins/experimental/url_sig

—Eric



On Jul 5, 2017, at 4:19 PM, Ricardo Balbinot <[hidden email]> wrote:

Hi everyone,

We are developing an applications that uses (sometimes) ATS as a proxy/cache between our client and our origin server (for video files). 
Our problem is that in some cases the user may access the origin server directly and on other situations it travels through ATS. 
Anyway, in both cases I need to secure my files (and we want another solution besides DRM for all videos). As I understand, in some cases (video like HLS, for instance) the use of signed URLs its not interesting (I see that now.... cause I need a signed URL for each file). 
So my question is: is there any kind of support to signed cookies in ATS? 

Best regards and thank's a lot. 
Ricardo


Loading...