Live Application - Storm Streaming Server

Storm Streaming Server operates based on what are called "applications," which are collections of streams and the settings that govern them. Each server instance can have multiple applications, which are completely independent of each other. Each application has its unique name and type, which defines its role. Among the things that an application allows you to define are for example: the method of authentication for incoming streams, whether streams should be recorded, or whether you want to use transcoding to create multiple quality versions.

The basic type of application is called live, which within a single server instance allows for both publishing and playing back streams. There are also other applications like origin, edge, transcode, which are used in building clusters consisting of multiple server instances. You can learn more about these here in our Scaling & Cluster Guide..

Sample Configuration

This type of applications is the simplest one and are best suited for single instance configuration.

                        
<Application name="live" type="live">

	<!--
		General configuration settings related to this application and its streams.
	-->
    <GeneralSettings>
		<Description>Default application</Description>
		<BroadcastLimit>unlimited</BroadcastLimit>
	    <StatInterval>2</StatInterval>
	</GeneralSettings>

    <!--
        Configuration related to ingesting streams into the application.
    -->
    <IngestSettings>
		<AllowStreamIngest>true</AllowStreamIngest>
		<AutoStreamPublish>true</AutoStreamPublish>
	    <AllowStreamOverwrite>true</AllowStreamOverwrite>
	    <Authorization enabled="false" type="request">
            <RequestURL>https://acme.com/auth/${streamKey}</RequestURL>
            <XApiKey>as33dd4we34x5srxw6tbn</XApiKey>
        </Authorization>
	</IngestSettings>

    <!--
        Settings related to video playback for connected clients.
    -->
    <PlaybackSettings>
		<AllowedHarnesses>
            <Harness type="storm-hls"/>
            <Harness type="storm-mse"/>
            <Harness type="generic-hls"/>
            <Harness type="rtmp"/>
        </AllowedHarnesses>
		<TotalViewerLimit>unlimited</TotalViewerLimit>
		<StreamViewerLimit>unlimited</StreamViewerLimit>
		<FrameBufferSize>0</FrameBufferSize>
	</SecureStream>

    <!--
        Access control settings for WebSocket and HTML-based endpoints (Storm Library & Storm Player).
    -->
	<StreamSecuritySettings>
		<TokenProtection enabled="false">
            <Password>qwerty</Password>
            <CheckViewerIP>true</CheckViewerIP>
            <TokenLifespan>10</TokenLifespan>
        </TokenProtection>
		<DomainAccessRights>
            <AccessRight type="allow" domain="*" />
            <AccessRight type="deny" domain="acme.com" />
        </DomainAccessRights>
	</SecureStream>

    <!--
        Basic MP4 muxing settings.
    -->
	<MP4MuxerSettings>
		<VariableFPS>true</VariableFPS>
		<KeyFrameCompensation>false</KeyFrameCompensation>
	</MP4MuxerSettings>

    <!--
        nDVR settings for live streaming.
    -->
	<DVRSettings enabled="false">
		<CacheSize>100</CacheSize>
	</DVRSettings>

    <!--
        Recording configuration for saving live streams to disk.
    -->
	<RecordingSettings enabled="false">
		<FileFormat>fMP4</FileFormat>
		<SavePath>/Users/john/Media</SavePath>
        <MaxFileSize>10</MaxFileSize>
        <MaxFileDuration>10</MaxFileDuration>
        <CacheSize>1</CacheSize>
        <MaxStorageSize>1500</MaxStorageSize>
        <RemoveOldFiles>true</RemoveOldFiles>
	</RecordingSettings>

    <!--
        List of enabled live transcoding presets for this application.
    -->
	<LiveTranscoding enabled="true">
		<Preset name="360p" />
		<Preset name="480p" />
		<Preset name="720p" />
	</LiveTranscoding>

</Application>

Main Parameters Explanation

Application:name	Name of this application. If there are more applications within your config/preferences.xml they all must have unique names.
Application:type	This value must be set to live for this type of Application. Other types are origin (which you can learn more about here), transcode (which you can learn more about here) and edge (which you can learn more about here).

Table 1. Main parameters explanation table

GeneralSettings

This block defines general configuration settings for the application itself.

Description	A custom description of the application explaining its purpose and functionality.
BroadcastLimit	Specifies the maximum number of concurrent broadcasts allowed within this application.
StatInterval	Determines how frequently statistics are processed for this application, expressed in seconds (2 seconds by default).

Table 2. GeneralSettings table

IngestSettings

This settings block manages stream publishing to the application.

AllowStreamIngest	Specifies whether publishing streams to this application is allowed (e.g., via OBS).
AutoStreamPublish	Determines whether a newly created stream is automatically set to PUBLISHED, allowing immediate playback.
AllowStreamOverwrite	Defines whether existing streams can be overwritten by new incoming ones.

Table 3. IngestSettings table

Authorization:enabled If set to true, stream ingest authorization is required.

Authorization:type

Specifies the active authorization method.

URL-based Authorization

Sample configuration:

                        
<Authorization enabled="true" type="request">
     <RequestURL>https://acme.com/api/storm/auth/{streamKey}</RequestURL>
     <XApiKey>bd34ddawe34v51rxw6tbn</XApiKey>
</Authorization>

Supported request template variables:

{streamKey} – Stream key of the requested stream
{username} – Username used for authentication
{ipAddress} – IP address of the incoming connection

Expected JSON response format:

                        
{
  "username": "admin",
  "password": "qwerty"
}

HTTP response codes:

200 – OK
401 – Access Denied
404 – Not Found
(other standard codes apply)

File-based Authorization

Sample configuration:

                        
<Authorization enabled="true" type="file">
     <FileURL>/home/storm/server/config/auth_publish.xml<FileURL>
</Authorization>

Required XML structure:

                        
<?xml version="1.0" encoding="UTF-8" ?>
<Authorization version="1.0">
    <AuthorizationList>
        <AuthItem username="admin" password="qwerty" />
        <AuthItem username="john" password="superpass" />
    </AuthorizationList>
</Authorization>

Local Authorization

Sample configuration:

                        
<Authorization enabled="true" type="local">
    <AuthorizationList>
        <AuthItem username="admin" password="qwerty" />
        <AuthItem token="62cjdj" expire="2022-02-01 16:22:00" />
    </AuthorizationList>
</Authorization>

Token-based AuthItem entries are only supported when using the local authorization type.

Table 4. Ingest authorization settings table

PlaybackSettings

This block defines how streams can be played back within the application.

AllowedHarnesses	List of allowed connection types (called harnesses) that are permitted to connect to this application. <Harness type="storm-hls"/> HLS connection generated by the Storm Player. <Harness type="storm-mse"/> WebSocket/Media Source Extension connection used by the Storm Player. <Harness type="generic-hls"/> Standard HLS connection. <Harness type="rtmp"/> RTMP protocol connection.
TotalViewerLimit	Maximum number of total viewers allowed for the application. Use "unlimited" for no limit.
StreamViewerLimit	Maximum number of viewers per individual stream. Use "unlimited" for no limit.
FrameBufferSize	Minimum sever frame buffer size used during video reception (default is 0).

Table 5. PlaybackSettings table

StreamSecuritySettings

This block defines access protection mechanisms for streams, as well as domain-level playback restrictions. These settings apply exclusively to stormLibrary and stormPlayer. If you wish to exclude other types (generic hls, rtmp), please check PlaybackSettings section and disable these harnesses.

TokenProtection:enabled	If set to true, token-based authorization is required for players (stormLibrary & stormPlayer) using this application.
Password	A password used as part of the generated hash.
CheckViewerIP	Specifies whether the viewer's IP address should be included in the hash calculation.
TokenLifespan	Defines the token’s validity period, in minutes.

Table 6. StreamSecuritySettings table

To enable secure playback, a valid hash must be generated and passed to the Storm JavaScript Library. Below is a sample implementation in PHP:

                        
$password = "qwerty";                        // Your security password
$unixTime = strtotime(date('Y-m-d H:i:00')); // Current time, rounded to the nearest minute
$token = md5($unixTime . $password);         // Basic token (without IP)
$token = md5($unixTime . $password . $ip);   // Token including viewer IP

A complete explanation of the secure stream mechanism is available in our dedicated guide: Secure Stream. The configuration process for stormLibrary is covered in the Security Settings – Storm JavaScript Library guide.

DomainAccessRights

Defines a list of domain-level access control rules for stream playback.

Examples:

Allow only a specific domain:

                        
<AccessRight type="deny" domain="*" />
<AccessRight type="allow" domain="acme.com" />

Block a specific domain:

                        
<AccessRight type="allow" domain="*"  />
<AccessRight type="deny" domain="acme.com"  />

Block all subdomains:

                        
<AccessRight type="deny" domain="*.acme.com"  />

MP4MuxerSettings

MP4MuxerSettings block defines basic options for MP4 packager that is used for MSE/HLS connections.

VariableFPS	If the source stream has no const frame rate (e.g. WebRTC-based source) muxer will try to fix the stream by adjusting composition times for selected frames.
KeyFrameCompensation	Enables mechanism where “empty” frames are inserted into a stream if Audio/Video desynchronization is detected.

Table 7. MP4MuxerSettings table

DVRSettings

DVR function allows for short live-stream rewind mechanism based on cached stream.

DVRSettings:enabled	Defines whenever DVR is enabled.
CacheSize	Number of MB within memory for storing video stream. Length of stored video material will depend on resolution and bitrate.

Table 8. DVRSettings table

RecordingSettings

Recording option allows for recording video streams into media files.

RecordingSettings:enabled	Defines whenever recording is enabled.
SavePath	Path were MP4 files should be saved.
CacheSize	Defines how much of a video stream should be kept in memory before being flushed to a file.
MaxFileSize	Maximum video file size. If a stream reaches this size, it will be split into additional files. This parameter is optional, and if not present or set to zero, no limit will be in effect.
MaxFileDuration	Maximum video file duration (time). If a stream exceeds this duration, it will be split into multiple files. This parameter is optional, and if not specified or set to zero, there will be no limit in effect.
MaxStorageSize	Storm will calculate sum of all saved video files in particular folder and either stop saving new ones, or it'll start overwriting older files if RemoveOldFiles is set to true. This parameter is optional and if not present or set to 0 no limitation will be added.
RemoveOldFiles	If set to true and combined with MaxStorageSize, older video files will be removed to make space for new ones.

Table 9. RecordingSettings table

LiveTranscoding

For each individual application a set of presets for transcoding can be selected. Please keep in mind that presets must be already defined in your config/preferences.xml file. If you would like to define your own presets and learn more about transcoding check our Transcoding Guide.