Allow load/save iar password checks to be done in grid mode
This should allow load/save iar to work for grid mode as long as the grid user service is later than this revision Grid services of earlier revisions will always erroneously report incorrect password. This will be addressed shortly.remotes/origin/0.6.7-post-fixes
Justin Clark-Casey (justincc)
parent
eb892e0545
commit
7870152d23
|
|
@ -98,7 +98,7 @@ namespace OpenSim.Framework.Communications
|
|||
/// <param name="friendlistowner">The agent that who's friends list is being updated</param>
|
||||
/// <param name="friend">The agent that is getting or loosing permissions</param>
|
||||
/// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param>
|
||||
void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms);
|
||||
void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms);
|
||||
|
||||
/// <summary>
|
||||
/// Logs off a user on the user server
|
||||
|
|
@ -137,9 +137,21 @@ namespace OpenSim.Framework.Communications
|
|||
// But since Scenes only have IUserService references, I'm placing it here for now.
|
||||
bool VerifySession(UUID userID, UUID sessionID);
|
||||
|
||||
/// <summary>
|
||||
/// Authenticate a user by their password.
|
||||
/// </summary>
|
||||
///
|
||||
/// This is used by callers outside the login process that want to
|
||||
/// verify a user who has given their password.
|
||||
///
|
||||
/// This should probably also be in IAuthentication but is here for the same reasons as VerifySession() is
|
||||
///
|
||||
/// <param name="userID"></param>
|
||||
/// <param name="password"></param>
|
||||
/// <returns></returns>
|
||||
bool AuthenticateUserByPassword(UUID userID, string password);
|
||||
|
||||
// Temporary Hack until we move everything to the new service model
|
||||
void SetInventoryService(IInventoryService invService);
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -149,6 +149,11 @@ namespace OpenSim.Framework.Communications.Tests
|
|||
{
|
||||
throw new NotImplementedException();
|
||||
}
|
||||
|
||||
public virtual bool AuthenticateUserByPassword(UUID userID, string password)
|
||||
{
|
||||
throw new NotImplementedException();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -44,7 +44,8 @@ namespace OpenSim.Framework.Communications
|
|||
/// <summary>
|
||||
/// Base class for user management (create, read, etc)
|
||||
/// </summary>
|
||||
public abstract class UserManagerBase : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication
|
||||
public abstract class UserManagerBase
|
||||
: IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication
|
||||
{
|
||||
private static readonly ILog m_log
|
||||
= LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
|
||||
|
|
@ -93,9 +94,9 @@ namespace OpenSim.Framework.Communications
|
|||
public void AddPlugin(string provider, string connect)
|
||||
{
|
||||
m_plugins.AddRange(DataPluginFactory.LoadDataPlugins<IUserDataPlugin>(provider, connect));
|
||||
}
|
||||
}
|
||||
|
||||
#region UserProfile
|
||||
#region UserProfile
|
||||
|
||||
public virtual void AddTemporaryUserProfile(UserProfileData userProfile)
|
||||
{
|
||||
|
|
@ -891,7 +892,10 @@ namespace OpenSim.Framework.Communications
|
|||
|
||||
if (userProfile != null && userProfile.CurrentAgent != null)
|
||||
{
|
||||
m_log.DebugFormat("[USER AUTH]: Verifying session {0} for {1}; current session {2}", sessionID, userID, userProfile.CurrentAgent.SessionID);
|
||||
m_log.DebugFormat(
|
||||
"[USER AUTH]: Verifying session {0} for {1}; current session {2}",
|
||||
sessionID, userID, userProfile.CurrentAgent.SessionID);
|
||||
|
||||
if (userProfile.CurrentAgent.SessionID == sessionID)
|
||||
{
|
||||
return true;
|
||||
|
|
@ -901,6 +905,26 @@ namespace OpenSim.Framework.Communications
|
|||
return false;
|
||||
}
|
||||
|
||||
public virtual bool AuthenticateUserByPassword(UUID userID, string password)
|
||||
{
|
||||
// m_log.DebugFormat("[USER AUTH]: Authenticating user {0} given password {1}", userID, password);
|
||||
|
||||
UserProfileData userProfile = GetUserProfile(userID);
|
||||
|
||||
if (null == userProfile)
|
||||
return false;
|
||||
|
||||
string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt);
|
||||
|
||||
// m_log.DebugFormat(
|
||||
// "[USER AUTH]: Submitted hash {0}, stored hash {1}", md5PasswordHash, userProfile.PasswordHash);
|
||||
|
||||
if (md5PasswordHash == userProfile.PasswordHash)
|
||||
return true;
|
||||
else
|
||||
return false;
|
||||
}
|
||||
|
||||
#endregion
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -108,6 +108,9 @@ namespace OpenSim.Grid.UserServer.Modules
|
|||
m_httpServer.AddXmlRPCHandler("get_user_by_uuid", XmlRPCGetUserMethodUUID);
|
||||
m_httpServer.AddXmlRPCHandler("get_avatar_picker_avatar", XmlRPCGetAvatarPickerAvatar);
|
||||
|
||||
// Used by IAR module to do password checks
|
||||
//m_httpServer.AddXmlRPCHandler("authenticate_user_by_password", XmlRPCAuthenticateUserMethodPassword);
|
||||
|
||||
m_httpServer.AddXmlRPCHandler("update_user_current_region", XmlRPCAtRegion);
|
||||
m_httpServer.AddXmlRPCHandler("logout_of_simulator", XmlRPCLogOffUserMethodUUID);
|
||||
m_httpServer.AddXmlRPCHandler("get_agent_by_uuid", XmlRPCGetAgentMethodUUID);
|
||||
|
|
@ -203,6 +206,57 @@ namespace OpenSim.Grid.UserServer.Modules
|
|||
|
||||
#region XMLRPC User Methods
|
||||
|
||||
/// <summary>
|
||||
/// Authenticate a user using their password
|
||||
/// </summary>
|
||||
/// <param name="request">Must contain values for "user_uuid" and "password" keys</param>
|
||||
/// <param name="remoteClient"></param>
|
||||
/// <returns></returns>
|
||||
public XmlRpcResponse XmlRPCAuthenticateUserMethodPassword(XmlRpcRequest request, IPEndPoint remoteClient)
|
||||
{
|
||||
// m_log.DebugFormat("[USER MANAGER]: Received authenticated user by password request from {0}", remoteClient);
|
||||
|
||||
Hashtable requestData = (Hashtable)request.Params[0];
|
||||
string userUuidRaw = (string)requestData["user_uuid"];
|
||||
string password = (string)requestData["password"];
|
||||
|
||||
if (null == userUuidRaw)
|
||||
return Util.CreateUnknownUserErrorResponse();
|
||||
|
||||
UUID userUuid;
|
||||
if (!UUID.TryParse(userUuidRaw, out userUuid))
|
||||
return Util.CreateUnknownUserErrorResponse();
|
||||
|
||||
UserProfileData userProfile = m_userDataBaseService.GetUserProfile(userUuid);
|
||||
if (null == userProfile)
|
||||
return Util.CreateUnknownUserErrorResponse();
|
||||
|
||||
string authed;
|
||||
|
||||
if (null == password)
|
||||
{
|
||||
authed = "FALSE";
|
||||
}
|
||||
else
|
||||
{
|
||||
if (m_userDataBaseService.AuthenticateUserByPassword(userUuid, password))
|
||||
authed = "TRUE";
|
||||
else
|
||||
authed = "FALSE";
|
||||
}
|
||||
|
||||
// m_log.DebugFormat(
|
||||
// "[USER MANAGER]: Authentication by password result from {0} for {1} is {2}",
|
||||
// remoteClient, userUuid, authed);
|
||||
|
||||
XmlRpcResponse response = new XmlRpcResponse();
|
||||
Hashtable responseData = new Hashtable();
|
||||
responseData["auth_user"] = authed;
|
||||
response.Value = responseData;
|
||||
|
||||
return response;
|
||||
}
|
||||
|
||||
public XmlRpcResponse XmlRPCGetAvatarPickerAvatar(XmlRpcRequest request, IPEndPoint remoteClient)
|
||||
{
|
||||
// XmlRpcResponse response = new XmlRpcResponse();
|
||||
|
|
@ -246,10 +300,10 @@ namespace OpenSim.Grid.UserServer.Modules
|
|||
m_userDataBaseService.CommitAgent(ref userProfile);
|
||||
//setUserProfile(userProfile);
|
||||
|
||||
|
||||
returnstring = "TRUE";
|
||||
}
|
||||
}
|
||||
|
||||
responseData.Add("returnString", returnstring);
|
||||
response.Value = responseData;
|
||||
return response;
|
||||
|
|
|
|||
|
|
@ -80,6 +80,21 @@ namespace OpenSim.Region.Communications.Local
|
|||
throw new Exception("[LOCAL USER SERVICES]: Unknown master user UUID. Possible reason: UserServer is not running.");
|
||||
}
|
||||
return data;
|
||||
}
|
||||
}
|
||||
|
||||
public override bool AuthenticateUserByPassword(UUID userID, string password)
|
||||
{
|
||||
UserProfileData userProfile = GetUserProfile(userID);
|
||||
|
||||
if (null == userProfile)
|
||||
return false;
|
||||
|
||||
string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt);
|
||||
|
||||
if (md5PasswordHash == userProfile.PasswordHash)
|
||||
return true;
|
||||
else
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -140,6 +140,47 @@ namespace OpenSim.Region.Communications.OGS1
|
|||
{
|
||||
m_log.DebugFormat("[OGS1 USER SERVICES]: Verifying user session for " + userID);
|
||||
return AuthClient.VerifySession(GetUserServerURL(userID), userID, sessionID);
|
||||
}
|
||||
}
|
||||
|
||||
public override bool AuthenticateUserByPassword(UUID userID, string password)
|
||||
{
|
||||
try
|
||||
{
|
||||
Hashtable param = new Hashtable();
|
||||
param["user_uuid"] = userID.ToString();
|
||||
param["password"] = password;
|
||||
IList parameters = new ArrayList();
|
||||
parameters.Add(param);
|
||||
XmlRpcRequest req = new XmlRpcRequest("authenticate_user_by_password", parameters);
|
||||
XmlRpcResponse resp = req.Send(m_commsManager.NetworkServersInfo.UserURL, 30000);
|
||||
Hashtable respData = (Hashtable)resp.Value;
|
||||
|
||||
// foreach (object key in respData.Keys)
|
||||
// {
|
||||
// Console.WriteLine("respData {0}, {1}", key, respData[key]);
|
||||
// }
|
||||
|
||||
// m_log.DebugFormat(
|
||||
// "[OGS1 USER SERVICES]: AuthenticatedUserByPassword response for {0} is [{1}]",
|
||||
// userID, respData["auth_user"]);
|
||||
|
||||
if ((string)respData["auth_user"] == "TRUE")
|
||||
{
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
m_log.ErrorFormat(
|
||||
"[OGS1 USER SERVICES]: Error when trying to authenticate user by password from remote user server: {0}",
|
||||
e);
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -322,7 +322,7 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver
|
|||
/// <param name="pass">User password</param>
|
||||
/// <returns></returns>
|
||||
protected CachedUserInfo GetUserInfo(string firstName, string lastName, string pass)
|
||||
{
|
||||
{
|
||||
CachedUserInfo userInfo = m_aScene.CommsManager.UserProfileCacheService.GetUserDetails(firstName, lastName);
|
||||
//m_aScene.CommsManager.UserService.GetUserProfile(firstName, lastName);
|
||||
if (null == userInfo)
|
||||
|
|
@ -333,29 +333,18 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver
|
|||
return null;
|
||||
}
|
||||
|
||||
string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(pass) + ":" + userInfo.UserProfile.PasswordSalt);
|
||||
|
||||
if (userInfo.UserProfile.PasswordHash == null || userInfo.UserProfile.PasswordHash == String.Empty)
|
||||
if (m_aScene.CommsManager.UserService.AuthenticateUserByPassword(userInfo.UserProfile.ID, pass))
|
||||
{
|
||||
m_log.ErrorFormat(
|
||||
"[INVENTORY ARCHIVER]: Sorry, the grid mode service is not providing password hash details for the check. This will be fixed in an OpenSim git revision soon");
|
||||
|
||||
return null;
|
||||
return userInfo;
|
||||
}
|
||||
|
||||
// m_log.DebugFormat(
|
||||
// "[INVENTORY ARCHIVER]: received salt {0}, hash {1}, supplied hash {2}",
|
||||
// userInfo.UserProfile.PasswordSalt, userInfo.UserProfile.PasswordHash, md5PasswdHash);
|
||||
|
||||
if (userInfo.UserProfile.PasswordHash != md5PasswdHash)
|
||||
else
|
||||
{
|
||||
m_log.ErrorFormat(
|
||||
"[INVENTORY ARCHIVER]: Password for user {0} {1} incorrect. Please try again.",
|
||||
firstName, lastName);
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
return userInfo;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
|
|
|||
Loading…
Reference in New Issue