Home

Red5 login with MySQL

Submitted by Lmg on 27. August 2007 - 21:53.
in

just summarizing briefly what it took to make Red5 check logins in a MySQL database, using SHA1 for the passwords.
- EDIT - updated to use a threadsave connection pool via spring injection.

System is Slackware 12.0 with a 2.6.21.5-smp kernel.
- mysql Ver 14.12 Distrib 5.0.37
- Java(TM) SE Runtime Environment (build 1.6.0_01-b06)
- Red5 from SVN trunk (revision 2248)
TODO: check with Red5 v6.0.2

  1. mysql
    I created a database named 'red5' and an equally named mysql user, whom I granted permissions to all data operations:

    CREATE DATABASE IF NOT EXISTS `red5` ;
    CREATE USER 'red5'@'localhost' IDENTIFIED BY '*********';
    GRANT SELECT,INSERT,UPDATE,DELETE ON `red5` . * TO 'red5'@'localhost';

    a table 'users' like this:

    CREATE TABLE IF NOT EXISTS `users` (
    `id` int(10) unsigned NOT NULL auto_increment,
    `name` varchar(20) NOT NULL,
    `pass` varchar(100) NOT NULL,
    PRIMARY KEY (`id`)
    );

    and finally a dummy user to test with:

    INSERT INTO `red5`.`users` (`id`,`user`,`pass`)
    VALUES (NULL,'dummy',SHA1('secretpassword'));

    notice the SHA1() function used to encrypt the password?
    we don't wanna send plaintext passwords, so just save a checksum that can't be decrypted easily.

    further I had to make sure mysqld accepts socket-connections by commenting out this line in /etc/rc.d/rc.mysqld (note: might differ on other flavours of linux)

    #SKIP="--skip-networking"

  2. red5
    you'll need these JARs in WEB-INF/lib/

    commons-dbcp-1.2.1.jar
    mysql-connector-java-5.0.7-bin.jar
    spring-dao.jar
    spring-jdbc.jar

    these lines in WEB-INF/db.properties
    which we'll include in WEB-INF/red5-web.xml

    jdbc.driver = com.mysql.jdbc.Driver
    jdbc.url = jdbc:mysql://127.0.0.1:3306/red5
    jdbc.username = red5
    jdbc.password = ********

    I'll attach my WEB-INF/red5-web.xml
    with definitions of <bean id="dataSource" ...
    and its nesting in <bean id="web.handler" ...

  3. java
    to get your dataSource in the ApplicationAdapter you need to provide a setter mehtod called 'setDataSource' like this:

    import javax.naming.*;
    import javax.sql.*;
    import java.sql.*;
    public class Application extends ApplicationAdapter {
    private DataSource ds;
    public void setDataSource( DataSource ds ) {
    this.ds = ds;
    }
    }

    and here is a function to create sha1 strings:

    private static String sha1( String pass ) {
    byte[] passBytes = pass.getBytes();
    StringBuffer hexString = new StringBuffer();
    try {
    MessageDigest md = MessageDigest.getInstance("SHA-1");
    md.reset();
    md.update(passBytes);
    byte[] digest = md.digest();
    for( int i=0; i<digest.length; i++ ) {
    String hex = Integer.toHexString(0xFF & digest[i]);
    if(hex.length() == 1) hexString.append('0');
    hexString.append(hex);
    }
    }
    catch( NoSuchAlgorithmException exception ) {
    System.out.println("ERROR: no such algorithm.");
    }
    return hexString.toString();
    }

AttachmentSize
red5-web.xml_.txt1.67 KB