JWT API filter for dashboard REST services
  • 11 Jul 2022
  • 1 Minute to read
  • Dark
    Light

JWT API filter for dashboard REST services

  • Dark
    Light

Some REST commands which are not application specific, such as creating and deleting an app, creating a new user, etc, require an authentication filter by logging in to the management panel. This creates a few limitations for people who don't want to use the web panel every time and want access to all of the REST commands. We have created a new JWT filter for those commands which will let you access to all REST commands without logging on to the management panel.

Enable JWT filter for web panel REST API

First, open the file /webapps/root/WEB-INF/web.xml

Find and replace the authentication filter lines

 <filter>
   <filter-name>AuthenticationFilter</filter-name>
   <filter-class>io.antmedia.console.rest.AuthenticationFilter</filter-class>
 </filter>

 <filter-mapping>
   <filter-name>AuthenticationFilter</filter-name>
   <url-pattern>/rest/*</url-pattern>
 </filter-mapping>

with the lines below:

 <filter>
   <filter-name>JWTServerFilter</filter-name>
   <filter-class>io.antmedia.console.rest.JWTServerFilter</filter-class>
 </filter>

 <filter-mapping>
   <filter-name>JWTServerFilter</filter-name>
   <url-pattern>/rest/*</url-pattern>
 </filter-mapping>

Be aware that this disables the username-password authentication filter and the web panel will not be accessible from the web browser. Now open the conf/red5.properties file and find and replace the following lines:

server.jwtServerControlEnabled=false 
server.jwtServerSecretKey=

with these ones:

server.jwtServerControlEnabled=true
server.jwtServerSecretKey=your-secret-key-at-least-32-character

Now restart the Ant Media Server

sudo service antmedia restart

REST API for the web panel is listed Management REST Service. Web Panel REST methods are binded below https://SERVER_FQDN:PORT/rest/

Example

Let's assume that we've entered this key (cizvvh7f6ys0w3x0s1gzg6c2qzpk0gb9) as server.jwtServerSecretKey

First, generate the JWT Token at JWT Debugger. We've entered the Secret key and removed the data field because we don't send payload as shown below. This way, JWT token that we can use is eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.tA6sZwz_MvD9Nocf3Xv_DXhJaeTNgfsHPlg3RHEoZRk

Let's get the list of Applications from the Server:

ActionScript
curl -X GET -H "Content-Type: application/json" -H "Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.tA6sZwz_MvD9Nocf3Xv_DXhJaeTNgfsHPlg3RHEoZRk" "https://SERVER_FQDN:5443/rest/v2/applications"

The response should be something like

ActionScript
{"applications":["LiveApp","WebRTCAppEE"]} 

Then, you can use all Web panel REST methods using the header as shown in the sample above.


Was this article helpful?