You can protect your OpenMeetings instance from beeing accessed from 3th party by using the file:

$RED5_HOME/webapps/openmeetings/WEB-INF/red5-web.properties

Content:

webapp.virtualHosts=*,localhost, 127.0.0.1
Sample file: https://git-wip-us.apache.org/repos/asf/openmeetings.git/KEYS?p=openmeetings.git;a=blob;f=openmeetings-web/src/main/webapp/WEB-INF/red5-web.properties;hb=HEAD

Client Side

And you can restrict the access also for the client side: Every Flash Plugin will check a file called "crossdomain.xml" before it tries to access the server using rtmp/RPC. This file is located:

$RED5_HOME/webapps/root/crossdomain.xml

Content:


<?xml version="1.0"?>
<cross-domain-policy>
    <site-control permitted-cross-domain-policies="all"/>
    <allow-access-from domain="localhost" to-ports="20-65535"/>
    <allow-access-from domain="*.local" to-ports="20-65535"/>
</cross-domain-policy>

			

If you accessing your application behind an Apache Webservre (using mod_proxy or mod_jk2) be careful to make the crossdomain.xml accessible. Flash will always search for this file in the www-root directory of every URL you connect to. You might use FireBug for example to lookup requests.

Back to top

Apache OpenMeetings, OpenMeetings, Apache, the Apache feather, and the Apache OpenMeetings project logo

are trademarks of the Apache Software Foundation.