When you are in HTTP Origin Mode it presents a few problems using the conventional code/modules. You can simply setup the IVHostHTTPStreamerRequestValidator and return false upon a non-valid IP. Similar to the following:
public class HTTPEventHandler implements IVHostHTTPStreamerRequestValidator { private IVHost vhost; public HTTPEventHandler(IVHost vhost) { this.vhost = vhost; } public boolean validateHTTPStreamerRequest(RtmpRequestMessage arg0, HostPort arg1, String arg2) { String asset = arg0.getPath(); String clientIP = arg0.getSessionInfo().getIpAddress(); WMSLoggerFactory.getLogger(getClass()).info( "***validateHTTPStreamerRequest::" + asset + "::" + clientIP); String ipProp = this.vhost.getProperties().getPropertyStr("IpList", null); if (ipProp == null) { WMSLoggerFactory.getLogger(getClass()).info( "***validateHTTPStreamerRequest[ipProp]::" + ipProp); return true; } String[] ipList = ipProp.toLowerCase().split(","); WMSLoggerFactory.getLogger(getClass()).info( "***validateHTTPStreamerRequest[ipList]::" + ipList.toString()); boolean reject = true; try { for (int i = 0; i < ipList.length; i++) { if (clientIP.equalsIgnoreCase(ipList[i].trim())) { reject = false; break; } } } catch (Exception ex) { reject = true; } if (reject) { WMSLoggerFactory.getLogger(getClass()).info( "***validateHTTPStreamerRequest[reject]::" + clientIP); return false; } return true; } }