Skip to main content
Skip table of contents

Secure Session Management

To test this feature and view the example code, please see the Browsers and Connected TV SDK 5 Example Code Quick Start guide.

Secure Session Management (SSM) is used with DRM to add further protection. A maximum number of concurrent sessions is associated with an account to prevent abuse by account sharing. SSM sets up a session on an SSM server each time a piece of content plays. A session expires after a short time, so it must be regularly renewed. When playback stops, the session is torn down (destroyed) to allow another session to be created. The CONNECT Player SDK handles SSM with SSP, so all that player integration requires is setting some additional configuration data.

Example code

Configuration of the player for SSP is described in the Browsers and Connected TV SDK 5 Integration Guide. To enable SSM support, add the ssmServer member to the config object used to configure the player toolkit DRM.

JS
{
    system: "nagra-ssp",
    config: {
        mode: "token",
        tenantId: myTenantId,
        licenceServer: sspLicenceServerUrl,
        ssmServer: ssmServerUrl
    }
}

Session teardown

When a new player source is specified using playerInstance.src(), any existing session is destroyed so another session can be created. The destruction of an existing session is called session teardown. A teardown can be initiated without selecting another source by calling playerInstance.reset().

Teardown on navigate or browser close

When the user navigates away from the player page or closes the browser, the current session is not torn down automatically. The asynchronous nature of the teardown message to the server means that automated teardown cannot be guaranteed to complete before the SDK is unloaded. NAGRA recommends that playback is stopped and playerInstance.reset() is called before navigating away from the page or closing the tab. The following code will display a warning dialogue if the player has not been reset.

JS
window.addEventListener("beforeunload", function(event) {
    if (!isNaN(playerInstance.duration())) {
        event.preventDefault();
        event.returnValue = "";
        return "";
    }
});

If the user closes the browser tab or navigates away despite the warning, one of the allowed sessions will remain in use until it expires.

SSM events

The application can register for SSM error events.

JS
playerInstance.on("ssmsetuperror", function (err) {
    console.log(err.type);
	const reason = JSON.parse(err.reason.message);
    console.log(reason.message);
	console.log(reason.code);
	console.log(reason.errorCode);
});

Error

Description

"ssmheartbeaterror"

The player encountered an error trying to renew the current session (Playready or FairPlay DRM)

"ssmrenewalerror"

The player encountered an error trying to renew the current session (Widevine DRM)

"ssmsetuperror"

The player encountered an error trying to set up a new session

"ssmteardownerror"

The player encountered an error trying to tear down the current session

SSM functionality will kill a session at the head-end if the errors above match the following conditions. This SSM feature can be used if you detect a user is restreaming content; in these scenarios, it may be desirable to display an appropriate error message to the end user.

CODE
if (
  // Most errors
  (reason.code === 404 && reason.errorCode === 3002 && reason.message === "Not Found") ||
  // Playready ssmrenewalerror
  (err.type === "ssmrenewalerror" && reason.code === 500 && reason.errorCode === 6002 && reason.message === "Internal error")
   ) {
   // handling for Killed Sessions 
}
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.