Flash Media Server Resources

Allow or deny access to assets

Contents [Hide]

About access control
Implement dynamic access control

About access control

When users access the server, by default, they have full access to all streams and shared objects. However, you can use Server-Side ActionScript to create a dynamic access control list (ACL) for shared objects and streams. You can control who has access to create, read, or update shared objects or streams.

When a client connects to the server, the server-side script (main.asc or yourApplicationName.asc) is passed a Client object. Each Client object has readAccess and writeAccess properties. You can use these properties to control access for each connection.

Implement dynamic access control

The Client.readAccess and Client.writeAccess properties take string values. These values can contain multiple strings separated by semicolons, like this:

client.readAccess = "appStreams;/appSO/"; 
client.writeAccess = "appStreams/public/;appSO/public/";

By default, readAccess and writeAccess are set to /, which means the client can access every stream and shared object on the server.

Allow access to streams

In main.asc, add an onConnect() function that specifies a directory name on the server in your main.asc file:

application.onConnect = function(client, name) { 
    // give this new client the same name as passed in 
    client.name = name; 
 
    // give write access 
    client.writeAccess = "appStreams/public/"; 
 
    // accept the new client's connection 
    application.acceptConnection(client); 
}

This main.asc file grants access to all URIs that start with appStreams/public.

Deny access to streams

In main.asc, add an onConnect() function that specifies a null value for client.writeAccess:

application.onConnect = function(client, name) { 
    ... 
    // deny write access to the server 
    client.writeAccess = ""; 
}

Define access to shared objects

In main.asc, add an onConnect() function that specifies shared object names, using the same URI naming conventions:

application.onConnect = function(client, name) { 
    ... 
    client.writeAccess = "appSO/public/"; 
}

This gives the client write access to all shared objects whose URIs begin with appSO/public/.