Clever Geek Handbook

Azure Media Sharing Policy Limitations

I am trying to create a time-limited URL for smoothly streaming media stored in Azure Media Services.

I am working against the code given here. Windows Azure Smooth Streaming Sample

I am uploading a video file to a new Asset. I am encoding this video using Azure Media Service encoding with "H264 Adaptive Bitrate MP4 Set 720p" preinstalled. With the resulting encoded asset, I then try to create a streaming URL by creating an access policy and then a locator that I use to generate the URL used for streaming.

Here is the code:

string urlForClientStreaming = "";

IAssetFile manifestFile = (from f in Asset.AssetFiles
                   where f.Name.EndsWith(".ism")
                   select f).FirstOrDefault();

if (manifestFile != null)
{ 
    // Create a 1 hour readonly access policy. 
    IAccessPolicy policy = _mediaContext.AccessPolicies.Create("Streaming policy",   TimeSpan.FromHours(1), AccessPermissions.Read);

    // Create a locator to the streaming content on an origin. 
    ILocator originLocator =     _mediaContext.Locators.CreateLocator(LocatorType.OnDemandOrigin, Asset,    policy, DateTime.UtcNow.AddMinutes(-5));

    urlForClientStreaming = originLocator.Path + manifestFile.Name + "/manifest";

    if (contentType == MediaContentType.HLS)
    urlForClientStreaming = String.Format("{0}{1}", urlForClientStreaming, "(format=m3u8-aapl)");
}

return urlForClientStreaming;

This works great. Up to the 6th time, you execute this code against the same Asset. Then you get this error:

"The server does not support setting more than five sharing policy IDs in one container."

So that's fine. I don't need to create a new AccessPolicy every time, I can reuse the one I created earlier, build a locator using this same policy. However, even after this I get an error about 5 shared access policies in one container.

Here's some new code that creates a locator with the same AccessPolicy as before:

string urlForClientStreaming = "";

IAssetFile manifestFile = (from f in Asset.AssetFiles
                   where f.Name.EndsWith(".ism")
                   select f).FirstOrDefault();

if (manifestFile != null)
{ 
    // Create a 1 hour readonly access policy
    IAccessPolicy accessPolicy = null;
    accessPolicy =
      (from p in _mediaContext.AccessPolicies where p.Name == "myaccesspolicy" select p).FirstOrDefault();

     if (accessPolicy == null)
     {
         accessPolicy = _mediaContext.AccessPolicies.Create("myaccesspolicy", TimeSpan.FromHours(1), AccessPermissions.Read);
     }

    // Create a locator to the streaming content on an origin. 
    ILocator originLocator =     _mediaContext.Locators.CreateLocator(LocatorType.OnDemandOrigin, Asset,    policy, DateTime.UtcNow.AddMinutes(-5));

    urlForClientStreaming = originLocator.Path + manifestFile.Name + "/manifest";

    if (contentType == MediaContentType.HLS)
    urlForClientStreaming = String.Format("{0}{1}", urlForClientStreaming, "(format=m3u8-aapl)");
}

return urlForClientStreaming;

I don't understand why he said that I created 5 Sharing Policies. In the case of the second block of code, I only create one access policy. I can check that there is only one AccessPolicy by looking at the content _mediaContext.AccessPolicies

, there is always only one Access Policy in this list.

At some point this will likely have many users requesting access to the same object. The URL provided to these clients should be time limited according to the requirements of our clients.

Isn't this a suitable way to create a URL for smooth asset streaming?

+2


source to share


3 answers


Now, using the Azure Media Services content protection feature, you can encrypt your media with AES or PlayReady, create a durable locator. At the same time you set the Token authorization policy for the content key, the duration of the token can be set for a short period of time (enough for the player to get the content key). This way, you can control access to content. For more information, you can refer to my blog: http://azure.microsoft.com/blog/2014/09/10/announcing-public-availability-of-azure-media-services-content-protection-services/



+1


source


Late answer that I know ...

Given your requirement to create a single URL that can be used by anyone indefinitely, I would assume that you:



  • Create a long lived locator when creating an asset, for example. throughout the year - you can use the same access policy every time as in your second example
  • When you create a streaming url get this locator from the asset
  • Check the remaining duration of the resource - if it's less than a certain time (like a month), then extend the locator using ILocator.Update, for example. for another year. Updating the expiration date of the locator does not affect the original access policy that you used to create the locator.
  • Profit.

NTN

+2


source


Locators were not designed to control access for each user. To do this, use a digital rights management system. They have window viewing concepts, permanent and fake licensing, and more. In particular, I'm talking about using PlayReady encryption in WAMS and the PlayReady server to configure and grant licenses (there is EzDRM on the Azure Portal, also BuyDRM, etc.).

Locators offer basic on / off streaming services. You can create up to 5 because they use the SAS limit of 5 per container.

+1


source






More articles:


All Articles