I've got a bit of an issue with an ASP.Net application that I'm developing at work. The application holds preview videos for clients in Flash format (flv). These are streamed using a flash movie called "flowplayer".
We would like to let clients send links to people to view these files. The problem however is that we need to be able to secure these flash movies so that they cannot be viewed by just anyone.
Currently, the application creates a username and password and provides a link to a preview page. The person logs in and can see a list of the movies they have been given access to. The users must log in to see this list and to ultimately click through to play the movie.
The problem is that anyone can simply input the url of the flash preview file (ie http://www.oursite.com/previews/previewmovie.flv) to view the movie - without having to log in.
Would anyone have any ideas as to how to secure this setup? I was thinking about ASP.Net security (integrated with SQL Server) but that might be a bit overkill considering there are possibly hundreds of invites being generated a day.
I'd be grateful for any help.
Thanks in advance as usual.
View Complete Post