问题
I've just installed rfc5766-turn-server (https://code.google.com/p/rfc5766-turn-server/) on an Amazon server in order to relay my WebRTC calls.
Since authentication username and password will be distributed to every client in WebRTC iceServers, how can I ensure that only my clients use my TURN to relay their call?
回答1:
You can use this instead https://code.google.com/p/coturn/. It's evolved from rfc5766-turn-server project.
Supported TURN authentication mechanisms:
- 'classic' long-term credentials mechanism;
- TURN REST API (a modification of the long-term mechanism, for time-limited secret-based authentication, for WebRTC applications: http://tools.ietf.org/html/draft-uberti-behave-turn-rest-00)
- experimental third-party oAuth-based client authorization option
来源:https://stackoverflow.com/questions/28092251/how-to-secure-a-turn-server-for-webrtc