This is now an omnibus Jira for updates to the Lessons multimedia display code. See the comments for what changes were actually made.
This should be tested on a Mac for MP4 files, on a Sakai system with multiple servers on the backend.
Note that for this to work, if you're using SSL, the certificate must be valid. Quicktime will fail with no error message is there is an invalid certificate.
The reason this is a bigger change than you'd expect is that the newest JW player uses HTML 5 where it can. That leaves it up to the browser what player to use. For Mac Safari, Quicktime is used to play a lot of the contents. But Quicktime doesn't pass cookies, so authentication (which is based on the JSESSIONID cookie) fails. Implementing a good alternative is harder than it sounds, because many load balancers depend upon the JSESSIONID. This means that the request to read the file won't necessarily be processed on a server that knows anything about the session ID. Hence I use a completely different approach to handle authentication for embedded multimedia than is used elsewhere.