On Monday 20 September 2004 16:23, Dale Ghent wrote:> I mentioned I was hacking on icecast2 stats, and one of the additional
> things I'm thinking on implementing is per-mount authenticated stats.
>
> See, as it is now, one needs the global server admin password to access
> and manage their mountpoints. So if you're in a situation where you
> have multiple customers with their own mount, giving them all the one
> admin access would be quite dubious in terms of security.
>
> So I'm thinking this... a customer can access their stats by going to a
> URL such as http://server.com:8000/mountname/admin where they are then
> prompted for either their source login password or their own admin
> password (what would be best?) and be able to list clients and kill
> them, and whatever sundry administrivia may be available in the future.
>
> Thoughts?
>
> maybe it should be like http://server.com:8000/admin/mountname ?
>
This sounds very sensible. I'd suggest using the same username/password for
this as for normal source login, as the alternative would be confusing and
have substantially higher administrative overhead for no obvious benefit.
Mike