DC 5.2.0 4.6 CDN

Digizuite DAM has the option to accelerate media content leveraging CDN providers. This guide focuses on Azure CDN, which supports the following providers:

  • Standard Microsoft
  • Standard Akamai
  • Standard Verizon
  • Premium Verizon

However, other CDN providers are expected to work as well.

For a better understanding of what CDN is, we refer to Azure CDN documenation

Setting up Digizuite to leverage CDN requires two steps:

  1. DC 5.2.0 Step 1: Configuring Azure CDN
  2. DC 5.2.0 Step 2: Configuring Digizuite DAM to leverage CDN

To understand how it works, it is important to understand what a CDN is and how it works. Please see the documentation above.

Technically, what happens in the Digizuite backend, is that the URLs generated for assets are CDN URLs pointing to the CDN endpoint, rather than the Digizuite. This means that all media content is loaded through a CDN cache.

Understanding the URLs

When configuring CDN, the URLs slightly change. It uses the following scheme:

URL
https://<yourCDNProvider>/dmm3bwsv3/{#assetid}_{#mediaformatid}_{destinationid}_{#assettype}_{#outputindent}_{#filmstripid}_{#sha1 hash}_{#downloadbool}.{#extension}?mptdid={#id}&accesskey={#accesstoken}

We refer to the following documentation for an explanation of what the different parameters mean.

The different between the standard URLs and the CDN URLs is two things:

  • They are prefixed with CDN provider url
  • They include a sha1 hash of the bytes

The latter is important to understand. The reason for doing this, is that CDN URLs generally are publicly available and if the bytes are not including, it is very easy to guess the next in line URL as that can be done by incrementing the assetid. However, by including a hash of the physical bytes, the URL becomes much harder to guess, because it now is a combination of:

  • assetid
  • mediaformatid
  • sha1 hash

Security

 The current implementation does not provide any security between the CDN and the client. What this means, is that once the media is cached in the CDN, the url for it, is publicly available until the CDN cache expires and/or is purged. 

There is, however, security imposed between the CDN and the Digizuite. Notice that the url contains an accesskey as query parameter. If this accesskey is not valid, then the media request will get an access denied. So this means, if content is not cached and it is requested with an invalid accesskey, then the request will be denied.