Home : Support : Documentation : Jack's Hacks : Archive : May 2004
 

May 2004

 

As devices become more feature rich, and contain the ability to forward content via MMS or other messaging means, high value images and objects presented via the browsing or MMS environment may need to be protected. The Openwave Mobile Browser 6.2 and the Openwave Messaging Client both support the Open Mobile Alliance DRM 1.0 Forward Lock mechanism. This month in Jack's Hack, we'll take a look at how OMA-DRM Forward lock can be applied to images prior to delivery so they can be prevented from unauthorized forwarding.

As a content owner, it's likely that you've put significant time and energy into either creating your content, obtaining the proper license to 3rd party content and/or both. That said you have a responsiblity to protect the content either out of respect for your own bottom line, or to live up to contractual obligations. The good news here is that Openwave along with the Open Mobile Alliance and device manufacturers have been implementing DRM specifications to give you the control and flexibility to market and deliver "high value" content with confidence.

If you are delivering your content directly, rather than loading into vending infrastructure (like the Openwave Download Manager), you will need to decide the right mechanism to use to protect your content. To identify if the device that you are targeting supports OMA-DRM Phase 1, take a look at the HTTP-ACCEPT headers. The specifications dictate that devices which support OMA-DRM include the following:

• Forward-lock
  • application/vnd.oma.drm.message
• Combined delivery
  • application/vnd.oma.drm.message
  • application/vnd.oma.drm.rights+xml
• Separate delivery
  • application/vnd.oma.drm.rights+xml
  • application/vnd.oma.drm.rights+wbxml
  • application/vnd.oma.drm.content

As you might note, support builds on it self, so a device that supports combined delivery also supports forward-lock, and a device that supports separate delivery also supports combined delivery and forward lock. Even if a device does not declare support for any of the OMA DRM object types, it may still be possible to protect the objects you deliver. By simply adding the http-header x-drm: noforward to the object you deliver, some older devices such as the SonyEricsson T68i will not allow the object to be forwarded.

If you do find support for the OMA-DRM Specifications, to protect your objects, you need to wrap them in the appropriate format instead of delivering the object directly. Below is a simple servlet that takes imageid as a parameter on the query string, and then wraps the file specified by imageid in the appropriate drm.

import java.io.*;
import javax.activation.*;
import java.util.ResourceBundle;
import javax.servlet.*;
import javax.servlet.http.*;

public class DrmIt extends HttpServlet {
    
    public void doGet(HttpServletRequest request,
                      HttpServletResponse response)
        throws IOException, ServletException
    {
	//Setup the ServletOutput Stream
	ServletOutputStream sout = response.getOutputStream();

	//Get the path to where the objects live in the file system
	ResourceBundle rb =
            ResourceBundle.getBundle("Digest",request.getLocale());
	String filepath = rb.getString("digest.FilePath");

	//Get the object that needs to be drm-wrapped from the query string
	//and load it into a DataHandler so it's simple to output
	
	String objectId= request.getParameter("imageid");
	DataSource source = new FileDataSource(filepath + objectId);
	DataHandler dataHand = new DataHandler(source);

	//Check to see what type of DRM should be applied
	//If we find vnd.oma.drm.message in the http-accept header
	
	if (request.getHeader("accept").indexOf("vnd.oma.drm.message") != -1){
	    //we can apply the OMA-DRM 1.0 Forward Lock Wrapper
	    //so set the content type to be a protected object
	    //and deliver it wrapped in the OMA-DRM format
		
	    response.setHeader("Content-Type","application/vnd.oma.drm.message; boundary=foo");
	    sout.println();
	    sout.println("--foo");
	    sout.println("Content-Type: " + dataHand.getContentType());
	    sout.println("");
	    dataHand.writeTo(sout);
	    sout.println();
	    sout.println("--foo--");
	    sout.println();
	}else{	    
	    //We didn't find support for the OMA-DRM 1.0 Spec
	    //So use "Phase 0" Forward Lock. Will not fail on older devices
		
	    response.setHeader("Content-Type", dataHand.getContentType());
	    response.setHeader("x-drm", "noforward");
	    dataHand.writeTo(sout);
	}
	    sout.flush();
    }
}

Notice that in the case where we found support for the OMA-DRM 1.0 format instead of delivering the object directly, we actually deliver it in something that look a whole lot like a multipart. If we want to get very fancy, the code above can be enhanced to check for support for Combined Delivery and we could have included an OMA-DRM xml rights file with the object as well.

If you want to test this code, you can use the Openwave Phone Simulator 6.2.2 and visit http://demo.openwave.com:8080/tool/drm.html. For your convienence, all of the files used are included in this zip file. After you visit the DRM link, look at the Network Information window to see the complete response. You may need to make sure that the Phone Simulator is delivering the application/vnd.oma.drm.message content type in the http-accept header. To do this, select Tools-> Options from the Phone Simulator Menu, then click on the Accept Headers button.
Click on the "Add" button next to the "Add to Accept" field, and select application/vnd.oma.drm.message from the dialog that comes up.

If you want to test to see what happens with a device that does not contain support for OMA-DRM Phase 1, you can remove the application/vnd.oma.drm.message content type from the accept header by choosing
Tools-> Options from the Phone Simulator Menu, then click on the Accept Headers button.
Click on the "Add" button next to the "Remove from Accept" field at the bottom of the page.



Then select the application/vnd.oma.drm.message header and click OK.



Reload the URL above, and look at the Network Information window again. This time you will see that the image was delivered directly, with the x-drm: noforward header added.

For more information on OMA-DRM, you can check out the OMA-DRM Specifications which are available from the OMA website at http://www.openmobilealliance.org/release_program/enabler_releases.html#DRM.