Flash Media Server Developer Documentation

Use a unique key

  1. In client-side ActionScript, create a unique key, as in the following code, which concatenates the local computer time with a random number:
    var keyDate = String(new Date().getTime());
var keyNum = String(Math.random());
var uniqueKey = keyDate + keyNum;
  2. Send the key to the server in the connection request:
    nc.connect("rtmp://www.example.com/someApplication", uniqueKey);
  3. The following code in the main.asc file looks for the unique key in the connection request. If the key is missing, or has already been used, the connection is rejected. This way, if a connection is replayed by an imposter, the replay attempt fails.
    clientKeyList = new Object();   // holds the list of clients by key

application.onConnect = function( pClient, uniqueKey ) {
    if ( uniqueKey != undefined ) {    // require a unique key with connection request
        if ( clientKeyList[uniqueKey] == undefined ) {   // first time -- allow connection
            pClient.uniqueKey = uniqueKey;
            clientKeyList[uniqueKey] = pClient;
            this.acceptConnection(pClient);
        } else {
            trace( "Connection rejected" );
            this.rejectConnection(pClient);
        }
    }
}

application.onDisconnect = function( pClient ) {
    delete clientKeyList[pClient.uniqueKey];
}