Thanks for the very helpful responses guys. We're using own own IIS streaming media server at the moment, but we are not wedded to that by any means.
Using NT ACLs won't work in our scenario because there are various different subscriber levels, subscribers that are partnered with other subscribers for exclusive content and so forth - too many arbitrary rules that are constantly changing. Our own custom handler seems to be the logical way to handle these, and we knew we'd need to be able to handle byte-range requests, but it's good to hear someone else confirm that. We'll also look at the Vimeo Pro offering, which seems like it could also do the job quite well - although we'll use a lot more storage than 20GB per month. Grant On 26 November 2013 08:14, Adrian Halid <adrian.ha...@itvision.com.au>wrote: > “IIS streaming media server” > > > > Are you hosting the video or using a 3rd party such as Vimeo or You Tube? > > > > I have used Vimeo Pro membership $199 per year and they allow you to embed > video and restrict it by domain names so that they are not visible on > vimeo.com or any other site that tries to view/embed it. > > > > I have then created web pages that restrict access to content based on the > Vimeo video id. > > A user will login with forms based authentication and we restrict access > to the video content they are allowed to view. > > > > Note: Vimeo allows you to remove any Vimeo logo’s and replace them with > your company logo. > > > > > > > > *Regards* > > > > *Adrian Halid* > > > > > > *From:* ozdotnet-boun...@ozdotnet.com [mailto: > ozdotnet-boun...@ozdotnet.com] *On Behalf Of *Grant Maw > *Sent:* Monday, 25 November 2013 2:47 PM > *To:* ozDotNet > *Subject:* Protecting video content > > > > All > > I'm trying to find the most optimal way of protecting video content in an > asp.net app. We have an app that displays video from an IIS streaming > media server *that is separate from our main web server*. Some of the > video is publicly available, some of it is subscriber content. There are > different levels of subscriber (so higher levels get more video than lower > levels). We want to be able to protect the subscriber content somehow. > > All video is going to be linked to via a HTML 5 <video /> tag. We want to > stop subscribers from copying the URL of subscriber content from the page > source and sharing it around over the internet. > > I thought about writing a HTTP Handler that intercepts the requests and > deals with authorisation. This would take the form of something like " > http://mysite.com/getvideo.ashx?ID=xxxxxx";. If they're not authenticated > and authorised it would bounce them to some sort of "not authorised" page. > This would stop link theft, but I am not sure if we'd get the benefits of > the streaming media server by doing this. > > Would love to hear your thoughts if you've been down this road. > > Cheers > > Grant >
