Allow load/save iar password checks to be done in grid mode

This should allow load/save iar to work for grid mode as long as the grid user service is later than this revision
Grid services of earlier revisions will always erroneously report incorrect password.  This will be addressed shortly.
remotes/origin/0.6.7-post-fixes
Justin Clark-Casey (justincc) 2009-09-24 14:54:12 +01:00
parent eb892e0545
commit 7870152d23
7 changed files with 166 additions and 26 deletions

View File

@ -137,9 +137,21 @@ namespace OpenSim.Framework.Communications
// But since Scenes only have IUserService references, I'm placing it here for now.
bool VerifySession(UUID userID, UUID sessionID);
/// <summary>
/// Authenticate a user by their password.
/// </summary>
///
/// This is used by callers outside the login process that want to
/// verify a user who has given their password.
///
/// This should probably also be in IAuthentication but is here for the same reasons as VerifySession() is
///
/// <param name="userID"></param>
/// <param name="password"></param>
/// <returns></returns>
bool AuthenticateUserByPassword(UUID userID, string password);
// Temporary Hack until we move everything to the new service model
void SetInventoryService(IInventoryService invService);
}
}

View File

@ -149,6 +149,11 @@ namespace OpenSim.Framework.Communications.Tests
{
throw new NotImplementedException();
}
public virtual bool AuthenticateUserByPassword(UUID userID, string password)
{
throw new NotImplementedException();
}
}
}
}

View File

@ -44,7 +44,8 @@ namespace OpenSim.Framework.Communications
/// <summary>
/// Base class for user management (create, read, etc)
/// </summary>
public abstract class UserManagerBase : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication
public abstract class UserManagerBase
: IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication
{
private static readonly ILog m_log
= LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
@ -891,7 +892,10 @@ namespace OpenSim.Framework.Communications
if (userProfile != null && userProfile.CurrentAgent != null)
{
m_log.DebugFormat("[USER AUTH]: Verifying session {0} for {1}; current session {2}", sessionID, userID, userProfile.CurrentAgent.SessionID);
m_log.DebugFormat(
"[USER AUTH]: Verifying session {0} for {1}; current session {2}",
sessionID, userID, userProfile.CurrentAgent.SessionID);
if (userProfile.CurrentAgent.SessionID == sessionID)
{
return true;
@ -901,6 +905,26 @@ namespace OpenSim.Framework.Communications
return false;
}
public virtual bool AuthenticateUserByPassword(UUID userID, string password)
{
// m_log.DebugFormat("[USER AUTH]: Authenticating user {0} given password {1}", userID, password);
UserProfileData userProfile = GetUserProfile(userID);
if (null == userProfile)
return false;
string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt);
// m_log.DebugFormat(
// "[USER AUTH]: Submitted hash {0}, stored hash {1}", md5PasswordHash, userProfile.PasswordHash);
if (md5PasswordHash == userProfile.PasswordHash)
return true;
else
return false;
}
#endregion
}
}

View File

@ -108,6 +108,9 @@ namespace OpenSim.Grid.UserServer.Modules
m_httpServer.AddXmlRPCHandler("get_user_by_uuid", XmlRPCGetUserMethodUUID);
m_httpServer.AddXmlRPCHandler("get_avatar_picker_avatar", XmlRPCGetAvatarPickerAvatar);
// Used by IAR module to do password checks
//m_httpServer.AddXmlRPCHandler("authenticate_user_by_password", XmlRPCAuthenticateUserMethodPassword);
m_httpServer.AddXmlRPCHandler("update_user_current_region", XmlRPCAtRegion);
m_httpServer.AddXmlRPCHandler("logout_of_simulator", XmlRPCLogOffUserMethodUUID);
m_httpServer.AddXmlRPCHandler("get_agent_by_uuid", XmlRPCGetAgentMethodUUID);
@ -203,6 +206,57 @@ namespace OpenSim.Grid.UserServer.Modules
#region XMLRPC User Methods
/// <summary>
/// Authenticate a user using their password
/// </summary>
/// <param name="request">Must contain values for "user_uuid" and "password" keys</param>
/// <param name="remoteClient"></param>
/// <returns></returns>
public XmlRpcResponse XmlRPCAuthenticateUserMethodPassword(XmlRpcRequest request, IPEndPoint remoteClient)
{
// m_log.DebugFormat("[USER MANAGER]: Received authenticated user by password request from {0}", remoteClient);
Hashtable requestData = (Hashtable)request.Params[0];
string userUuidRaw = (string)requestData["user_uuid"];
string password = (string)requestData["password"];
if (null == userUuidRaw)
return Util.CreateUnknownUserErrorResponse();
UUID userUuid;
if (!UUID.TryParse(userUuidRaw, out userUuid))
return Util.CreateUnknownUserErrorResponse();
UserProfileData userProfile = m_userDataBaseService.GetUserProfile(userUuid);
if (null == userProfile)
return Util.CreateUnknownUserErrorResponse();
string authed;
if (null == password)
{
authed = "FALSE";
}
else
{
if (m_userDataBaseService.AuthenticateUserByPassword(userUuid, password))
authed = "TRUE";
else
authed = "FALSE";
}
// m_log.DebugFormat(
// "[USER MANAGER]: Authentication by password result from {0} for {1} is {2}",
// remoteClient, userUuid, authed);
XmlRpcResponse response = new XmlRpcResponse();
Hashtable responseData = new Hashtable();
responseData["auth_user"] = authed;
response.Value = responseData;
return response;
}
public XmlRpcResponse XmlRPCGetAvatarPickerAvatar(XmlRpcRequest request, IPEndPoint remoteClient)
{
// XmlRpcResponse response = new XmlRpcResponse();
@ -246,10 +300,10 @@ namespace OpenSim.Grid.UserServer.Modules
m_userDataBaseService.CommitAgent(ref userProfile);
//setUserProfile(userProfile);
returnstring = "TRUE";
}
}
responseData.Add("returnString", returnstring);
response.Value = responseData;
return response;

View File

@ -81,5 +81,20 @@ namespace OpenSim.Region.Communications.Local
}
return data;
}
public override bool AuthenticateUserByPassword(UUID userID, string password)
{
UserProfileData userProfile = GetUserProfile(userID);
if (null == userProfile)
return false;
string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt);
if (md5PasswordHash == userProfile.PasswordHash)
return true;
else
return false;
}
}
}

View File

@ -141,5 +141,46 @@ namespace OpenSim.Region.Communications.OGS1
m_log.DebugFormat("[OGS1 USER SERVICES]: Verifying user session for " + userID);
return AuthClient.VerifySession(GetUserServerURL(userID), userID, sessionID);
}
public override bool AuthenticateUserByPassword(UUID userID, string password)
{
try
{
Hashtable param = new Hashtable();
param["user_uuid"] = userID.ToString();
param["password"] = password;
IList parameters = new ArrayList();
parameters.Add(param);
XmlRpcRequest req = new XmlRpcRequest("authenticate_user_by_password", parameters);
XmlRpcResponse resp = req.Send(m_commsManager.NetworkServersInfo.UserURL, 30000);
Hashtable respData = (Hashtable)resp.Value;
// foreach (object key in respData.Keys)
// {
// Console.WriteLine("respData {0}, {1}", key, respData[key]);
// }
// m_log.DebugFormat(
// "[OGS1 USER SERVICES]: AuthenticatedUserByPassword response for {0} is [{1}]",
// userID, respData["auth_user"]);
if ((string)respData["auth_user"] == "TRUE")
{
return true;
}
else
{
return false;
}
}
catch (Exception e)
{
m_log.ErrorFormat(
"[OGS1 USER SERVICES]: Error when trying to authenticate user by password from remote user server: {0}",
e);
return false;
}
}
}
}

View File

@ -333,29 +333,18 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver
return null;
}
string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(pass) + ":" + userInfo.UserProfile.PasswordSalt);
if (userInfo.UserProfile.PasswordHash == null || userInfo.UserProfile.PasswordHash == String.Empty)
if (m_aScene.CommsManager.UserService.AuthenticateUserByPassword(userInfo.UserProfile.ID, pass))
{
m_log.ErrorFormat(
"[INVENTORY ARCHIVER]: Sorry, the grid mode service is not providing password hash details for the check. This will be fixed in an OpenSim git revision soon");
return null;
return userInfo;
}
// m_log.DebugFormat(
// "[INVENTORY ARCHIVER]: received salt {0}, hash {1}, supplied hash {2}",
// userInfo.UserProfile.PasswordSalt, userInfo.UserProfile.PasswordHash, md5PasswdHash);
if (userInfo.UserProfile.PasswordHash != md5PasswdHash)
else
{
m_log.ErrorFormat(
"[INVENTORY ARCHIVER]: Password for user {0} {1} incorrect. Please try again.",
firstName, lastName);
return null;
}
return userInfo;
}
/// <summary>