How to restrict http access to video files?

I want to only let "right" people watch those videos. In other words, only registered users that are allowed (by other users, ie, friends) should see videos. I have a har开发者_开发百科d retriction for cpu usage in my shared environment, so I can't use things like php's readfile.

Stream through PHP using readfile, as you mention. Just set a cookie with a session ID when someone logs in and check it before you start streaming the video, and don't bother if they're not authenticated.

here is the solution http://code.google.com/p/mod-auth-token/

It must be http streaming any way.

I liked Samir Talwar way to go. But if this is too CPU intensive (I'm not really sure of this), you can go with apache and use a backend PHP script that will allow or deny access upon user cookie state.

But have you access to apache conf in your shared env ?

If so, you can look at apache urlrewriting guide, in "Extended Redirection" section.