I have a question around Smooth Streaming authentication. I have researched this on the forums and search engines, and have seen some other people ask similar questions, but I can't seem to get to the answer I am looking for.
My scenario ---- I have some h264 and vc-1 streams I have created through Expression Encoder 4, and I deliver them to my users through a custom Silverlight 5 application on Silverlight compatible browsers and then just as a straight steam to iOS devices. The streams play just fine everywhere that I try to play them. What I'm trying to do is STOP unauthenticated users from viewing the streams directly from the URL (e.g. http://blah/blah/blahvideo.ism/manifest). The platform for my application is ASP.Net 4.0. Before I moved to smooth streaming with IIS 7, I was using custom HttpHandlers specified in my web.config file to block access to my MP4 and WMV files for users that were not authorized to view the subscription-based content ... This worked like a charm. However, I do not seem to be able to use an HttpHandler to intercept the request for the .ism manifest. It does seem to process the request in the development environment (that does not have Media Services 4.1 installed), but the handler no longer gets used once I put it into my IIS 7 environment with all of that stuff turned on.
Has anyone ever run into this? I have heard of (and have installed) Web Playlists, but the users of my site are not registered users on the IIS Server, so I'm not sure that this is the right way to go. Also, I realize that I could use the REST API through the Silverlight application, but that does not prevent users that are viewing the streams outside of silverlight from obtaining unauthorized access. How about custom Managed Modules or URL Rewriting? Am I possibly not doing something right with the HttpHandler to make it intercept the ism request?
Any advice anyone has would be greatly appreciated.