I currently have Subsonic set up on my local network, and it's fantastic! Great job!
I am considering open it up to the outside Internet for remote access, but want to make it as secure as possible. I guess this entails creating a limited access user (on Windows XP), and restricting the user's access.
My question is: what access would that user need to what folders? Read+write+execute to c:\subsonic? (That should be configurable btw.) Read+execute access to c:\prog files\tomcat? Also, what other security measures should I consider taking?
Security
Moderator: moderators
7 posts
• Page 1 of 1
by sindre_mehus » Fri Jul 21, 2006 7:03 am
Hi, and welcome to the forum 
You must have read/write/exec for c:\subsonic (by the way, you can configure what directory to use by specifying -Dsubsonic.home=c:\some\directory) in the command line arguments of Tomcat.
You must also have read/write/exec for c:\prog files\tomcat.
To browse your music collection and stream music I would think read/exec is enough for your music folders, but to edit tags, change cover art, add comments etc you should also have write permissions.
For further safety you should consider using SSL/HTTPS (see http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html for details). Please note that many players don't support streaming over HTTPS. Subsonic 2.8 will have a new feature for forcing streams to use HTTP, while the rest of the traffic uses HTTPS.
Sindre
You must have read/write/exec for c:\subsonic (by the way, you can configure what directory to use by specifying -Dsubsonic.home=c:\some\directory) in the command line arguments of Tomcat.
You must also have read/write/exec for c:\prog files\tomcat.
To browse your music collection and stream music I would think read/exec is enough for your music folders, but to edit tags, change cover art, add comments etc you should also have write permissions.
For further safety you should consider using SSL/HTTPS (see http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html for details). Please note that many players don't support streaming over HTTPS. Subsonic 2.8 will have a new feature for forcing streams to use HTTP, while the rest of the traffic uses HTTPS.
Sindre
-
sindre_mehus - Posts: 1955
- Joined: Tue Nov 29, 2005 6:19 pm
- Location: Oslo, Norway
by sindre_mehus » Fri Jul 21, 2006 6:01 pm
That's always hard to say, but I expect it to be ready in a couple of months. A beta version will be available eariler, though, maybe in a month's time.
Sindre
Sindre
-
sindre_mehus - Posts: 1955
- Joined: Tue Nov 29, 2005 6:19 pm
- Location: Oslo, Norway
by airrob » Sat Jul 22, 2006 5:36 am
Is there any way to force HTTP streams for the interim? I have HTTPS all set up, but Winamp doesn't support HTTPS streams. I really want to open this up to the outside, but I want to make it secure.
Would I need to have a different HTTP connector on a separate port for these streams?
Would I need to have a different HTTP connector on a separate port for these streams?
- airrob
- Posts: 3
- Joined: Fri Jul 21, 2006 6:29 am
by sindre_mehus » Thu Aug 03, 2006 6:43 pm
Can't think of any interim work-around, I'm afraid (except from using a player which support HTTPS).
Yeah, you must have both HTTP and HTTPS connectors enabled.
Yeah, you must have both HTTP and HTTPS connectors enabled.
-
sindre_mehus - Posts: 1955
- Joined: Tue Nov 29, 2005 6:19 pm
- Location: Oslo, Norway
by sindre_mehus » Fri Aug 04, 2006 3:15 pm
The beta version of Subsonic 2.8 is now ready. See http://forum.subsonic.org/forum/viewtopic.php?p=303
Sindre
Sindre
-
sindre_mehus - Posts: 1955
- Joined: Tue Nov 29, 2005 6:19 pm
- Location: Oslo, Norway
7 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 17 guests