HTTP authentication for STREAM URl
Terrific software gentlemen, thank you!
Now... I really think we need to support HTTP authentication for the STREAM as well as the CONTROL URL. I was amazed this wasn't supported.
Using an HTTP proxy seems lame -- overly complex and wasteful of resources; I don't want to run an Apache instance on my firewall just to restrict the stream. And it still doesn't protect against LAN access; I'm sure many people run fairly sophisticated networks and won't want every user to access every motion camera on the network.
The code would appear fairly trivial.
I've seen it stated that motion is "not a good tool for remote streams" but I really don't see why this is the case -- it's the best tool I've seen, and I've evaluated them all!
I'll volunteer to code this up if you prefer; it should take a few minutes.
| Motion version:
| ffmpeg version:
|| ffmpeg, mysql, postgresql
| Server OS:
- 10 Aug 2009
Hi Alex ,
Go ahead and code it , but against trunk not 220.127.116.11 please.
Submit it as a patch :
- 11 Aug 2009
Maybe a basic auth seems fairly simple, but if you are really willing to implement it, perhaps you should describe exactly the features you are planning to implement. As an example, consider "compatibility with .htpasswd format"
You say that proxying does not prevent access from the LAN. You can very well bind motion to the local host IP (127.0.0.1) and the HTTP proxy will be the only thing to access motion. Besides, there are webservers capable of proxying more lightweight than Apache.
"Motion is not good for remote streams": for me, this means "Motion has not been declared to be safe to expose on the internet. Do it at your own risk.". A proxyfication adds a layer of HTTP request validation, hence there's some limits to user input. Some attack types won't be possible through a proxy.
That said, a simple HTTP authentication can be good enough for uses in a LAN where you do not want everyone to access your webcam
and I think this would be a nice addition to Motion.
It's implemented in trunk already.
- 28 Mar 2010