I'm trying to create time-limited URL's for smooth streaming of media stored in Azure Media Services.
I am working against the code supplied here. Windows Azure Smooth Streaming example
I upload a video file to a new Asset. I encode that video file using Azure Media Service encoding with the preset "H264 Adaptive Bitrate MP4 Set 720p". With the resulting encoded asset, I then attempt to create a streaming URL by creating an Access Policy and then a Locator, which I use to generate the URL used for streaming.
Here is the code:
string urlForClientStreaming = "";
IAssetFile manifestFile = (from f in Asset.AssetFiles
where f.Name.EndsWith(".ism")
select f).FirstOrDefault();
if (manifestFile != null)
{
// Create a 1 hour readonly access policy.
IAccessPolicy policy = _mediaContext.AccessPolicies.Create("Streaming policy", TimeSpan.FromHours(1), AccessPermissions.Read);
// Create a locator to the streaming content on an origin.
ILocator originLocator = _mediaContext.Locators.CreateLocator(LocatorType.OnDemandOrigin, Asset, policy, DateTime.UtcNow.AddMinutes(-5));
urlForClientStreaming = originLocator.Path + manifestFile.Name + "/manifest";
if (contentType == MediaContentType.HLS)
urlForClientStreaming = String.Format("{0}{1}", urlForClientStreaming, "(format=m3u8-aapl)");
}
return urlForClientStreaming;
This works great. Until the 6th time you execute that code against the same Asset. Then you receive this error:
"Server does not support setting more than 5 shared access policy identifiers on a single container."
So, that's fine. I don't need to create a new AccessPolicy everytime, I can reuse the one I've created previously, build a Locator using that same policy. However, even then, I get the error about 5 shared access policies on a single container.
Here is the new code that creates the locator with the same AccessPolicy used previously:
string urlForClientStreaming = "";
IAssetFile manifestFile = (from f in Asset.AssetFiles
where f.Name.EndsWith(".ism")
select f).FirstOrDefault();
if (manifestFile != null)
{
// Create a 1 hour readonly access policy
IAccessPolicy accessPolicy = null;
accessPolicy =
(from p in _mediaContext.AccessPolicies where p.Name == "myaccesspolicy" select p).FirstOrDefault();
if (accessPolicy == null)
{
accessPolicy = _mediaContext.AccessPolicies.Create("myaccesspolicy", TimeSpan.FromHours(1), AccessPermissions.Read);
}
// Create a locator to the streaming content on an origin.
ILocator originLocator = _mediaContext.Locators.CreateLocator(LocatorType.OnDemandOrigin, Asset, policy, DateTime.UtcNow.AddMinutes(-5));
urlForClientStreaming = originLocator.Path + manifestFile.Name + "/manifest";
if (contentType == MediaContentType.HLS)
urlForClientStreaming = String.Format("{0}{1}", urlForClientStreaming, "(format=m3u8-aapl)");
}
return urlForClientStreaming;
I don't understand why it's saying I've created 5 shared access policies. In the case of the second block of code, I only ever create one access policy. I can verify there is only ever one AccessPolicy by viewing the content of _mediaContext.AccessPolicies
, there is always just one access policy in that list.
At some point this will likely have many users requesting access to the same Asset. The URL's provided to these clients need to be time limited as per our clients requirements.
Is this not the appropriate means to create a URL for smooth streaming of an asset?
Late reply I know...
Given your requirement to create a single URL that can be used by anyone indefinitely, I would suggest that you:
HTH
The locators were not designed to do per-user access control. Use a Digital Rights Management system for that. They have concepts of viewing windows, persistent and non-persistent licensing and much more. Specifically, I'm talking about using PlayReady encryption in WAMS and a PlayReady server to configure and provide the licenses (there is EzDRM in the Azure Portal, also BuyDRM and others).
Locators offer basic on-off switching of streaming services. You can create up to 5, because they are using the underlying SAS limitation of 5 per-container.
Now with Azure Media Services content protection feature, you could encrypt your media file with either AES or PlayReady, generate a long-lived locator. At the same time, you set Token-Authorization policy for the content key, the token duration could be set to a short-period of time (enough for the player to retrieve the content key). This way you could control your content access. For more information, you could refer to my blog: http://azure.microsoft.com/blog/2014/09/10/announcing-public-availability-of-azure-media-services-content-protection-services/