Changed the interface of IAuthorizationService to get less data.
parent
b5c8925fdf
commit
ce332f235c
|
@ -29,7 +29,7 @@ namespace OpenSim.Framework
|
|||
{
|
||||
public class AuthorizationRequest
|
||||
{
|
||||
private string m_ID;
|
||||
private string m_userID;
|
||||
private string m_firstname;
|
||||
private string m_surname;
|
||||
private string m_email;
|
||||
|
@ -40,44 +40,16 @@ namespace OpenSim.Framework
|
|||
{
|
||||
}
|
||||
|
||||
public AuthorizationRequest(string ID,string FirstName, string SurName, string Email, string RegionName, string RegionID)
|
||||
public AuthorizationRequest(string ID, string RegionID)
|
||||
{
|
||||
m_ID = ID;
|
||||
m_firstname = FirstName;
|
||||
m_surname = SurName;
|
||||
m_email = Email;
|
||||
m_regionName = RegionName;
|
||||
m_userID = ID;
|
||||
m_regionID = RegionID;
|
||||
}
|
||||
|
||||
public string ID
|
||||
{
|
||||
get { return m_ID; }
|
||||
set { m_ID = value; }
|
||||
}
|
||||
|
||||
public string FirstName
|
||||
{
|
||||
get { return m_firstname; }
|
||||
set { m_firstname = value; }
|
||||
}
|
||||
|
||||
public string SurName
|
||||
{
|
||||
get { return m_surname; }
|
||||
set { m_surname = value; }
|
||||
}
|
||||
|
||||
public string Email
|
||||
{
|
||||
get { return m_email; }
|
||||
set { m_email = value; }
|
||||
}
|
||||
|
||||
public string RegionName
|
||||
{
|
||||
get { return m_regionName; }
|
||||
set { m_regionName = value; }
|
||||
get { return m_userID; }
|
||||
set { m_userID = value; }
|
||||
}
|
||||
|
||||
public string RegionID
|
||||
|
|
|
@ -67,7 +67,7 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization
|
|||
IConfig moduleConfig = source.Configs["Modules"];
|
||||
if (moduleConfig != null)
|
||||
{
|
||||
string name = moduleConfig.GetString("AuthorizationServices", "");
|
||||
string name = moduleConfig.GetString("AuthorizationServices", string.Empty);
|
||||
if (name == Name)
|
||||
{
|
||||
IConfig authorizationConfig = source.Configs["AuthorizationService"];
|
||||
|
@ -132,9 +132,9 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization
|
|||
|
||||
}
|
||||
|
||||
public bool isAuthorizedForRegion(UserProfileData user, RegionInfo region)
|
||||
public bool IsAuthorizedForRegion(string userID, string regionID)
|
||||
{
|
||||
return m_AuthorizationService.isAuthorizedForRegion( user, region);
|
||||
return m_AuthorizationService.IsAuthorizedForRegion(userID, regionID);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -3251,11 +3251,9 @@ namespace OpenSim.Region.Framework.Scenes
|
|||
if (!m_strictAccessControl) return true;
|
||||
if (Permissions.IsGod(agent.AgentID)) return true;
|
||||
|
||||
UserProfileData userProfile = CommsManager.UserService.GetUserProfile(agent.AgentID);
|
||||
|
||||
if (AuthorizationService != null)
|
||||
{
|
||||
if(!AuthorizationService.isAuthorizedForRegion(userProfile,RegionInfo))
|
||||
if(!AuthorizationService.IsAuthorizedForRegion(agent.AgentID.ToString(), RegionInfo.RegionID.ToString()))
|
||||
{
|
||||
m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region",
|
||||
agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
|
||||
|
|
|
@ -60,7 +60,9 @@ namespace OpenSim.Server.Handlers.Authorization
|
|||
XmlSerializer xs = new XmlSerializer(typeof (AuthorizationRequest));
|
||||
AuthorizationRequest Authorization = (AuthorizationRequest) xs.Deserialize(request);
|
||||
|
||||
AuthorizationResponse result = new AuthorizationResponse(true,Authorization.FirstName + " " + Authorization.SurName + " has been authorized");
|
||||
bool authorized = m_AuthorizationService.IsAuthorizedForRegion(Authorization.ID, Authorization.RegionID);
|
||||
|
||||
AuthorizationResponse result = new AuthorizationResponse(authorized, Authorization.ID + " has been authorized");
|
||||
|
||||
xs = new XmlSerializer(typeof(AuthorizationResponse));
|
||||
return ServerUtils.SerializeResult(xs, result);
|
||||
|
|
|
@ -48,7 +48,7 @@ namespace OpenSim.Services.AuthorizationService
|
|||
m_log.Info("[AUTHORIZATION CONNECTOR]: Local Authorization service enabled");
|
||||
}
|
||||
|
||||
public bool isAuthorizedForRegion(UserProfileData user, RegionInfo region)
|
||||
public bool IsAuthorizedForRegion(string userID, string regionID)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
|
|
@ -88,14 +88,14 @@ namespace OpenSim.Services.Connectors
|
|||
m_ResponseOnFailure = responseOnFailure;
|
||||
}
|
||||
|
||||
public bool isAuthorizedForRegion(UserProfileData user, RegionInfo region)
|
||||
public bool IsAuthorizedForRegion(string userID, string regionID)
|
||||
{
|
||||
// do a remote call to the authorization server specified in the AuthorizationServerURI
|
||||
m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: isAuthorizedForRegion checking {0} {1} at remote server {2}",user.FirstName,user.SurName, m_ServerURI);
|
||||
m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} at remote server {1}", userID, m_ServerURI);
|
||||
|
||||
string uri = m_ServerURI;
|
||||
|
||||
AuthorizationRequest req = new AuthorizationRequest(user.ID.ToString(),user.FirstName,user.SurName,user.Email,region.RegionName,region.RegionID.ToString());
|
||||
AuthorizationRequest req = new AuthorizationRequest(userID, regionID);
|
||||
|
||||
AuthorizationResponse response;
|
||||
try
|
||||
|
@ -104,16 +104,14 @@ namespace OpenSim.Services.Connectors
|
|||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
m_log.WarnFormat("[AUTHORIZATION CONNECTOR]: Unable to send authorize {0} {1} for region {2} error thrown during comms with remote server. Reason: {3}", user.FirstName,user.SurName,region.RegionName, e.Message);
|
||||
m_log.WarnFormat("[AUTHORIZATION CONNECTOR]: Unable to send authorize {0} for region {1} error thrown during comms with remote server. Reason: {2}", userID, regionID, e.Message);
|
||||
m_log.WarnFormat("Inner Exception is {0}",e.InnerException);
|
||||
return m_ResponseOnFailure;
|
||||
}
|
||||
|
||||
m_log.DebugFormat("[AUTHORIZATION CONNECTOR] response from remote service was {0}", response.Message);
|
||||
if(response.IsAuthorized)
|
||||
return true;
|
||||
else
|
||||
return false;
|
||||
|
||||
return response.IsAuthorized;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -40,7 +40,7 @@ namespace OpenSim.Services.Interfaces
|
|||
// This method returns a simple true false indicating
|
||||
// whether or not a user has access to the region
|
||||
//
|
||||
bool isAuthorizedForRegion(UserProfileData user, RegionInfo region);
|
||||
bool IsAuthorizedForRegion(string userID, string regionID);
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
AssetServices = "HGAssetBroker"
|
||||
InventoryServices = "HGInventoryBroker"
|
||||
NeighbourServices = "LocalNeighbourServicesConnector"
|
||||
AuthorizationServices = "LocalAuthorizationServicesConnector"
|
||||
InventoryServiceInConnector = true
|
||||
AssetServiceInConnector = true
|
||||
HGAuthServiceInConnector = true
|
||||
|
@ -31,6 +32,11 @@
|
|||
LocalGridInventoryService = "OpenSim.Services.InventoryService.dll:InventoryService"
|
||||
HypergridInventoryService = "OpenSim.Services.Connectors.dll:HGInventoryServiceConnector"
|
||||
|
||||
[AuthorizationService]
|
||||
LocalServiceModule = "OpenSim.Services.AuthorizationService.dll:AuthorizationService"
|
||||
|
||||
[AuthenticationService]
|
||||
; For the HGAuthServiceInConnector
|
||||
LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:HGAuthenticationService"
|
||||
|
||||
|
Loading…
Reference in New Issue