Apache OpenMeetings
  • Last Published: 2017-03-29

Server Side

You can protect your OpenMeetings instance from beeing accessed from 3th party by using the file:

$RED5_HOME/webapps/openmeetings/WEB-INF/red5-web.properties

Content: 

webapp.virtualHosts=*,localhost, 127.0.0.1
Sample file: https://svn.apache.org/repos/asf/openmeetings/application/trunk/openmeetings-web/src/main/webapp/WEB-INF/red5-web.properties

Client Side

And you can restrict the access also for the client side: Every Flash Plugin will check a file called "crossdomain.xml" before it tries to access the server using rtmp/RPC. This file is located:

$RED5_HOME/webapps/root/crossdomain.xml

Content: 


<?xml version="1.0"?>
<cross-domain-policy>
    <site-control permitted-cross-domain-policies="all"/>
    <allow-access-from domain="localhost" to-ports="20-65535"/>
    <allow-access-from domain="*.local" to-ports="20-65535"/>
</cross-domain-policy>

If you accessing your application behind an Apache Webservre (using mod_proxy or mod_jk2) be careful to make the crossdomain.xml accessible. Flash will always search for this file in the www-root directory of every URL you connect to. You might use FireBug for example to lookup requests.

Back to top

Copyright ©2012-2017 Apache Software Foundation. All Rights Reserved.