diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
new file mode 100644
index 0000000000..07dea4a6f4
--- /dev/null
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using Nini.Config;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenSim.Server.Handlers.Base;
+
+namespace OpenSim.Server.Handlers.Authentication
+{
+ public class AuthenticationServiceConnector : ServiceConnector
+ {
+ private IAuthenticationService m_AuthenticationService;
+
+ public AuthenticationServiceConnector(IConfigSource config, IHttpServer server) :
+ base(config, server)
+ {
+ IConfig serverConfig = config.Configs["AuthenticationService"];
+ if (serverConfig == null)
+ throw new Exception("No section 'Server' in config file");
+
+ string authenticationService = serverConfig.GetString("AuthenticationServiceModule",
+ String.Empty);
+
+ if (authenticationService == String.Empty)
+ throw new Exception("No AuthenticationService in config file");
+
+ Object[] args = new Object[] { config };
+ m_AuthenticationService =
+ ServerUtils.LoadPlugin(authenticationService, args);
+
+ //server.AddStreamHandler(new AuthenticationServerGetHandler(m_AuthenticationService));
+ }
+ }
+}
diff --git a/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs b/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
index 0d7a4939c0..dd32ec96ef 100644
--- a/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
+++ b/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
@@ -108,7 +108,7 @@ namespace OpenSim.Server.Handlers.Simulation
 httpResponse.StatusCode = (int)HttpStatusCode.Unauthorized;
 return result;
 }
- if (!m_AuthenticationService.VerifyKey(agentID, authToken))
+ if (!m_AuthenticationService.VerifyUserKey(agentID, authToken))
 {
 m_log.InfoFormat("[AgentPostHandler]: Authentication failed for agent message {0}", path);
 httpResponse.StatusCode = (int)HttpStatusCode.Forbidden;
diff --git a/OpenSim/Services/Interfaces/IAuthenticationService.cs b/OpenSim/Services/Interfaces/IAuthenticationService.cs
index 835b68f1ab..35831c13ef 100644
--- a/OpenSim/Services/Interfaces/IAuthenticationService.cs
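Review bot: The null check on `config.Configs["AuthenticationService"]` throws `"No section 'Server' in config file"`, which names a section this constructor never reads, so an operator whose authentication connector fails to start is pointed at the wrong part of the config; the message should be `"No section 'AuthenticationService' in config file"`. The value returned by `ServerUtils.LoadPlugin(authenticationService, args)` is assigned to `m_AuthenticationService` without a check; LoadPlugin is not visible here, but if it can return null for a module name that does not resolve, the failure should be raised in the constructor, e.g. `if (m_AuthenticationService == null) throw new Exception("Failed to load " + authenticationService);`. The only handler registration is commented out, so a short comment saying the connector does not yet serve requests would save the next reader from looking for it.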
+++ b/OpenSim/Services/Interfaces/IAuthenticationService.cs
@@ -32,10 +32,29 @@ namespace OpenSim.Services.Interfaces
 {
 public interface IAuthenticationService
 {
- string GetNewKey(UUID userID, UUID authToken);
+ // Create a new user session. If one exists, it is cleared
+ //
+ UUID AllocateUserSession(UUID userID);
 
- bool VerifyKey(UUID userID, string key);
-
- bool VerifySession(UUID userID, UUID sessionID);
+ // Get a user key from an authentication token. This must be
+ // done before the session allocated above is considered valid.
+ // Repeated calls to this method with the same auth token will
+ // create different keys and invalidate the previous ne.
+ //
+ string GetUserKey(UUID userID, string authToken);
+
+ // Verify that a user key is valid
+ //
+ bool VerifyUserKey(UUID userID, string key);
+
+ // Verify that a user session ID is valid. A session ID is
+ // considered valid when a user has successfully authenticated
+ // at least one time inside that session.
+ //
+ bool VerifyUserSession(UUID userID, UUID session);
+
+ // Remove a user session identifier and deauthenticate the user
+ //
+ void DestroyUserSession(UUID userID);
 }
 }
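Review bot: The comments on `GetUserKey` and `VerifyUserKey` do not say what a rejected token or key produces, which is the part of the contract that callers such as the `VerifyUserKey` check in AgentHandlers.cs rely on. The `GetUserKey` comment should state the failure value (for example `// Returns null when authToken is not accepted for userID`, if that is the intent) and whether an auth token may be redeemed more than once, since the current text says a repeat call replaces the previous key. `AllocateUserSession` and `DestroyUserSession` take only a `userID`, so nothing in the interface ties the call to the session being cleared or removed; a line such as `// Callers must have authenticated the requester before calling` would make that assumption explicit for implementers. These comments would be easier to consume as `///` XML doc comments, and "previous ne" should read "previous one".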