You can configure Origin Server to allow only a Packager with matching token key, module name, and stream name to write to a container.
The stream or module hierarchy at Packager need not necessarily match that of Origin Server. The stream configuration at Origin Server and Packager are completely independent of each other. You can configure one stream at Packager to publish to two different streams at Origin Server.
| Option | Description |
|---|---|
| Security Token | If the <SecurityToken> element is present, an auth test is applied to all inbound POST requests. The test verifies if there is a valid X-Adobe-HTTP-Token request header with a valid token value. Requests that don't contain this header or pass an invalid or timed-out token value receive an error response (401 Not Authorized). If the <SecurityToken> element is absent, this check is not performed. The Security Token is not enabled by default for modules. The token is expected only if the Auth/SecurityToken tag is present in the applicable module/origin config file. If Auth/SecurityToken is present, a valid AES 128 Key must be provided in the Key tag. No default key is used for token generation. If the Auth/SecurityToken tag is present and a Key is not provided, a ModuleConfigException messare is raised. |
| Key | If this Key is enabled, a valid AES-128 key is required
to use for Token value encryption or decryption. Only Packager(s)
configured with the matching key can write to this Origin. If not
enabled, a default system key matching the Packager's default is
used. Following is the default key: <key>4ff4756ed68239d34d482dbc88819abc</key>The packager need not specify the default key. |
| Timeout | This token is optional. Default value is 600 seconds (10 minutes). If enabled, this value needs to be applied consistently in stream.xml and in the Packager. |