Usually STUN Servers are configured without Authentication, so any STUN client can send a binding request and expect a response from server without Authentication.
sgcWebSockets STUN Server supports Long-Term Credentials, so you can configure TsgcSTUNServer to only allow binding requests with Long-Term credentials info.
To configure it, access to STUNOptions.Authorization property and enable it.
Then access to LongTermCredentials property and enabled it. By default, this type of authorization is already configured with a Realm string and with a default StaleNonce value of 10 minutes (= 600 seconds).
TsgcSTUNServer oSTUN = new TsgcSTUNServer();
oSTUN.Port = 3478;
oSTUN.STUNOptions.Authentication.Enabled := true;
oSTUN.STUNOptions.Authentication.LongTermCredentials.Enabled := true;
oSTUN.STUNOptions.Authentication.LongTermCredentials.Realm := "sgcWebSockets";
oSTUN.STUNOptions.Authentication.LongTermCredentials.StaleNonce := 600;
oSTUN.Active = true;
private void OnSTUNRequestAuthorization(Component Sender, TsgcSTUN_Message aRequest,
string aUsername, string aRealm, ref string Password)
{
if ((aUsername == "my-user") & (aRealm == "sgcWebSockets"))
{
Password = "my-password";
}
}