diff --git a/OpenSim/Framework/AuthorizationRequest.cs b/OpenSim/Framework/AuthorizationRequest.cs index 864d87d956..3280c65391 100644 --- a/OpenSim/Framework/AuthorizationRequest.cs +++ b/OpenSim/Framework/AuthorizationRequest.cs @@ -29,7 +29,7 @@ namespace OpenSim.Framework { public class AuthorizationRequest { - private string m_ID; + private string m_userID; private string m_firstname; private string m_surname; private string m_email; @@ -40,46 +40,18 @@ namespace OpenSim.Framework { } - public AuthorizationRequest(string ID,string FirstName, string SurName, string Email, string RegionName, string RegionID) + public AuthorizationRequest(string ID, string RegionID) { - m_ID = ID; - m_firstname = FirstName; - m_surname = SurName; - m_email = Email; - m_regionName = RegionName; + m_userID = ID; m_regionID = RegionID; } public string ID { - get { return m_ID; } - set { m_ID = value; } + get { return m_userID; } + set { m_userID = value; } } - - public string FirstName - { - get { return m_firstname; } - set { m_firstname = value; } - } - - public string SurName - { - get { return m_surname; } - set { m_surname = value; } - } - - public string Email - { - get { return m_email; } - set { m_email = value; } - } - - public string RegionName - { - get { return m_regionName; } - set { m_regionName = value; } - } - + public string RegionID { get { return m_regionID; } diff --git a/OpenSim/Framework/AuthorizationResponse.cs b/OpenSim/Framework/AuthorizationResponse.cs index 5a03dfe238..c8d77dea22 100644 --- a/OpenSim/Framework/AuthorizationResponse.cs +++ b/OpenSim/Framework/AuthorizationResponse.cs @@ -36,7 +36,7 @@ namespace OpenSim.Framework { } - public AuthorizationResponse(bool isAuthorized,string message) + public AuthorizationResponse(bool isAuthorized, string message) { m_isAuthorized = isAuthorized; m_message = message; diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs index 797349678b..c52c257313 100644 --- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs +++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs @@ -67,7 +67,7 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization IConfig moduleConfig = source.Configs["Modules"]; if (moduleConfig != null) { - string name = moduleConfig.GetString("AuthorizationServices", ""); + string name = moduleConfig.GetString("AuthorizationServices", string.Empty); if (name == Name) { IConfig authorizationConfig = source.Configs["AuthorizationService"]; @@ -132,9 +132,9 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization } - public bool isAuthorizedForRegion(UserProfileData user, RegionInfo region) + public bool IsAuthorizedForRegion(string userID, string regionID) { - return m_AuthorizationService.isAuthorizedForRegion( user, region); + return m_AuthorizationService.IsAuthorizedForRegion(userID, regionID); } } diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs index 1346844a67..d95d9d3770 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.cs @@ -3250,12 +3250,10 @@ namespace OpenSim.Region.Framework.Scenes if (!m_strictAccessControl) return true; if (Permissions.IsGod(agent.AgentID)) return true; - - UserProfileData userProfile = CommsManager.UserService.GetUserProfile(agent.AgentID); - - if(AuthorizationService!=null) + + if (AuthorizationService != null) { - if(!AuthorizationService.isAuthorizedForRegion(userProfile,RegionInfo)) + if(!AuthorizationService.IsAuthorizedForRegion(agent.AgentID.ToString(), RegionInfo.RegionID.ToString())) { m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region", agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName); diff --git a/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs b/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs index 407a18ad3b..fb079d35f0 100644 --- a/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs +++ b/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs @@ -60,7 +60,9 @@ namespace OpenSim.Server.Handlers.Authorization XmlSerializer xs = new XmlSerializer(typeof (AuthorizationRequest)); AuthorizationRequest Authorization = (AuthorizationRequest) xs.Deserialize(request); - AuthorizationResponse result = new AuthorizationResponse(true,Authorization.FirstName + " " + Authorization.SurName + " has been authorized"); + bool authorized = m_AuthorizationService.IsAuthorizedForRegion(Authorization.ID, Authorization.RegionID); + + AuthorizationResponse result = new AuthorizationResponse(authorized, Authorization.ID + " has been authorized"); xs = new XmlSerializer(typeof(AuthorizationResponse)); return ServerUtils.SerializeResult(xs, result); diff --git a/OpenSim/Services/AuthorizationService/AuthorizationService.cs b/OpenSim/Services/AuthorizationService/AuthorizationService.cs index e779325536..c795ba01f6 100644 --- a/OpenSim/Services/AuthorizationService/AuthorizationService.cs +++ b/OpenSim/Services/AuthorizationService/AuthorizationService.cs @@ -48,7 +48,7 @@ namespace OpenSim.Services.AuthorizationService m_log.Info("[AUTHORIZATION CONNECTOR]: Local Authorization service enabled"); } - public bool isAuthorizedForRegion(UserProfileData user, RegionInfo region) + public bool IsAuthorizedForRegion(string userID, string regionID) { return true; } diff --git a/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs b/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs index d65afc689c..d50a6ed721 100644 --- a/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs +++ b/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs @@ -88,14 +88,14 @@ namespace OpenSim.Services.Connectors m_ResponseOnFailure = responseOnFailure; } - public bool isAuthorizedForRegion(UserProfileData user, RegionInfo region) + public bool IsAuthorizedForRegion(string userID, string regionID) { // do a remote call to the authorization server specified in the AuthorizationServerURI - m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: isAuthorizedForRegion checking {0} {1} at remote server {2}",user.FirstName,user.SurName, m_ServerURI); + m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} at remote server {1}", userID, m_ServerURI); string uri = m_ServerURI; - AuthorizationRequest req = new AuthorizationRequest(user.ID.ToString(),user.FirstName,user.SurName,user.Email,region.RegionName,region.RegionID.ToString()); + AuthorizationRequest req = new AuthorizationRequest(userID, regionID); AuthorizationResponse response; try @@ -104,16 +104,14 @@ namespace OpenSim.Services.Connectors } catch (Exception e) { - m_log.WarnFormat("[AUTHORIZATION CONNECTOR]: Unable to send authorize {0} {1} for region {2} error thrown during comms with remote server. Reason: {3}", user.FirstName,user.SurName,region.RegionName, e.Message); + m_log.WarnFormat("[AUTHORIZATION CONNECTOR]: Unable to send authorize {0} for region {1} error thrown during comms with remote server. Reason: {2}", userID, regionID, e.Message); m_log.WarnFormat("Inner Exception is {0}",e.InnerException); return m_ResponseOnFailure; } - m_log.DebugFormat("[AUTHORIZATION CONNECTOR] response from remote service was {0}",response.Message); - if(response.IsAuthorized) - return true; - else - return false; + m_log.DebugFormat("[AUTHORIZATION CONNECTOR] response from remote service was {0}", response.Message); + + return response.IsAuthorized; } } diff --git a/OpenSim/Services/Interfaces/IAuthorizationService.cs b/OpenSim/Services/Interfaces/IAuthorizationService.cs index e8b7298203..6acd1f6849 100644 --- a/OpenSim/Services/Interfaces/IAuthorizationService.cs +++ b/OpenSim/Services/Interfaces/IAuthorizationService.cs @@ -40,7 +40,7 @@ namespace OpenSim.Services.Interfaces // This method returns a simple true false indicating // whether or not a user has access to the region // - bool isAuthorizedForRegion(UserProfileData user, RegionInfo region); + bool IsAuthorizedForRegion(string userID, string regionID); } } diff --git a/bin/config-include/StandaloneHypergrid.ini b/bin/config-include/StandaloneHypergrid.ini index 6359ac0868..aa122be34e 100644 --- a/bin/config-include/StandaloneHypergrid.ini +++ b/bin/config-include/StandaloneHypergrid.ini @@ -11,6 +11,7 @@ AssetServices = "HGAssetBroker" InventoryServices = "HGInventoryBroker" NeighbourServices = "LocalNeighbourServicesConnector" + AuthorizationServices = "LocalAuthorizationServicesConnector" InventoryServiceInConnector = true AssetServiceInConnector = true HGAuthServiceInConnector = true @@ -31,6 +32,11 @@ LocalGridInventoryService = "OpenSim.Services.InventoryService.dll:InventoryService" HypergridInventoryService = "OpenSim.Services.Connectors.dll:HGInventoryServiceConnector" +[AuthorizationService] + LocalServiceModule = "OpenSim.Services.AuthorizationService.dll:AuthorizationService" + [AuthenticationService] ; For the HGAuthServiceInConnector - LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:HGAuthenticationService" \ No newline at end of file + LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:HGAuthenticationService" + + \ No newline at end of file