diff --git a/common/database.inc.php b/common/database.inc.php
index 0000006872..254b972e7d 100644
--- a/common/database.inc.php
+++ b/common/database.inc.php
@@ -2,8 +2,8 @@
 // this file tells all the OGS services where to find the MySQL database
 // if multiple OGS services are running on one machine, it is assumed that they all use the same MySQL server/database
 
-$dbhost="localhost";
+$dbhost="autopia.garethnelson.com";
 $dbuser="opengridservice";
 $dbname="OGS";
-$dbpasswd="";
+$dbpasswd="supersecret";
 ?>
diff --git a/common/util.inc.php b/common/util.inc.php
index ade7757621..b931205a29 100644
--- a/common/util.inc.php
+++ b/common/util.inc.php
@@ -23,6 +23,14 @@ function format_lluuid($uuid)
     return strtolower(substr($uuid,0,8)."-".substr($uuid,8,4)."-".substr($uuid,12,4)."-".substr($uuid,16,4)."-".substr($uuid,20));
 }
 
+function output_xml_block($blockname, $data) {
+	echo("<$blockname>\n");
+	foreach($data as $name => $value) {
+		echo(" <$name>$value</$name>\n");		
+	}
+	echo("</$blockname>\n");
+}
+
 function rand_uuid()
 {
    return sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
diff --git a/gridserver/gridserver_config.inc.php b/gridserver/gridserver_config.inc.php
index 35521c567e..98ebed360e 100644
--- a/gridserver/gridserver_config.inc.php
+++ b/gridserver/gridserver_config.inc.php
@@ -2,13 +2,13 @@
 // All the grid server specific stuff lives here
 
 // What we send to authenticate to the user/login server
-$userserver_sendkey="YO LOGIN, I'm ThE ReAL thInG and CaSE SeNSiTIVe TOO! Random stuff is good in our keys - 2432324343ifvo3o332i32o32i32o";
+$userserver_sendkey="1234";
 
 // What we expect to get back from the user/login server
-$userserver_recvkey="HEY GRID SERVER, I AM THE DAMN LOGIN SERVER, THIS IS MY KEY! ooh, randomness 32432gfrgergregrgrt34to44i433igfh44t09i094r09";
+$userserver_recvkey="1234";
 
-$sim_recvkey = "we are not linden labs1234dyson";
-$sim_sendkey = "you are ogs4325678";
+$sim_recvkey = "1234";
+$sim_sendkey = "1234";
 
 $grid_home = "/ogs/gridserver/";
 ?>
diff --git a/gridserver/usersessions/index.php b/gridserver/usersessions/index.php
index 35de30a19c..d88433e7fb 100644
--- a/gridserver/usersessions/index.php
+++ b/gridserver/usersessions/index.php
@@ -1,8 +1,14 @@
 <?
+// This file parses URLs of the format:
+// usersessions/key/userid/data
+// where key is the key to authenticate with the grid, userid is the user's LLUUID and data is the data about the user's session being requested
+// if the data requested is left out, an XML response will be sent
+
 error_reporting(E_ALL); // Remember kids, PHP errors kill XML-RPC responses and REST too! will the slaughter ever end?
 
 include("../gridserver_config.inc.php");
 include("../../common/database.inc.php");
+include("../../common/util.inc.php");
 
 // Parse out the parameters from the URL
 $params = str_replace($grid_home,'', $_SERVER['REQUEST_URI']);
@@ -11,17 +17,47 @@ $params = split('/',$params);
 
 // Die if the key doesn't match
 if($params[1]!=$sim_recvkey) {
-//    die();
+    die();
 }
 
-print_r($params);
-// Send requested data
-switch($params[0]) {
-    case 'getasset':
-	if($params[3]=="data") {
-		Header("Content-Length: ". (string)filesize($asset_repos . "/" . $params[2] . "/data"));
-		readfile($asset_repos . "/" . $params[2] . "/data");
-	}
-    break;
+// if only 4 params, assume we are sending an XML response
+if(count($params)==3) {
+    $link = mysql_connect($dbhost,$dbuser,$dbpasswd)
+     OR die("Unable to connect to database");
+
+     mysql_select_db($dbname)
+      or die("Unable to select database");
+
+    $agent_id = strtolower($params[2]);
+
+    $query = "SELECT * FROM sessions WHERE agent_id='$agent_id' AND session_active=1";
+
+
+    $result = mysql_query($query);
+    if(mysql_num_rows($result)>0) {
+        $info=mysql_fetch_assoc($result);
+        $circuit_code = $info['circuit_code'];
+        $secure_session_id=$info['secure_session_id'];
+	$session_id=$info['session_id'];
+
+        $query = "SELECT * FROM local_user_profiles WHERE userprofile_LLUUID='$agent_id'";
+        $result=mysql_query($query);
+        $userinfo=mysql_fetch_assoc($result);
+	$firstname=$userinfo['profile_firstname'];
+        $lastname=$userinfo['profile_lastname'];
+        $agent_id=$userinfo['userprofile_LLUUID'];
+
+	output_xml_block("usersession",Array(
+            'authkey' => $sim_sendkey,
+            'circuit_code' => $circuit_code,
+            'agent_id' => $agent_id,
+            'session_id' => $session_id,
+            'secure_session_id' => $secure_session_id,
+            'firstname' => $firstname,
+            'lastname' => $lastname
+        ));
+    }
+	
 }
+
 ?>
diff --git a/login/login_config.inc.php b/login/login_config.inc.php
index 9fb72ec59f..4cce696522 100644
--- a/login/login_config.inc.php
+++ b/login/login_config.inc.php
@@ -2,9 +2,10 @@
 // All the user/login server specific stuff lives here
 
 // What we send to authenticate to the grid server
-$gridserver_sendkey="HEY GRID SERVER, I AM THE DAMN LOGIN SERVER, THIS IS MY KEY! ooh, randomness 32432gfrgergregrgrt34to44i433igfh44t09i094r09";
+$gridserver_sendkey="1234";
 
 // What we expect to get back from the grid server
-$gridserver_recvkey="YO LOGIN, I'm ThE ReAL thInG and CaSE SeNSiTIVe TOO! Random stuff is good in our keys - 2432324343ifvo3o332i32o32i32o";
+$gridserver_recvkey="1234";
 
+$gridserver_url="http://www.osgrid.org/ogs/gridserver/index.php";
 ?>