diff --git a/OpenSim/Grid/UserServer.Modules/UserManager.cs b/OpenSim/Grid/UserServer.Modules/UserManager.cs
index 0320156445..002f232a63 100644
--- a/OpenSim/Grid/UserServer.Modules/UserManager.cs
+++ b/OpenSim/Grid/UserServer.Modules/UserManager.cs
@@ -166,6 +166,7 @@ namespace OpenSim.Grid.UserServer.Modules
// Account information
responseData["firstname"] = profile.FirstName;
responseData["lastname"] = profile.SurName;
+ responseData["email"] = profile.Email;
responseData["uuid"] = profile.ID.ToString();
// Server Information
responseData["server_inventory"] = profile.UserInventoryURI;
diff --git a/OpenSim/Region/Communications/OGS1/OGS1UserDataPlugin.cs b/OpenSim/Region/Communications/OGS1/OGS1UserDataPlugin.cs
index ec8512aff8..adc12aa0ef 100644
--- a/OpenSim/Region/Communications/OGS1/OGS1UserDataPlugin.cs
+++ b/OpenSim/Region/Communications/OGS1/OGS1UserDataPlugin.cs
@@ -651,6 +651,7 @@ namespace OpenSim.Region.Communications.OGS1
UserProfileData userData = new UserProfileData();
userData.FirstName = (string)data["firstname"];
userData.SurName = (string)data["lastname"];
+ userData.Email = (string)data["email"];
userData.ID = new UUID((string)data["uuid"]);
userData.Created = Convert.ToInt32(data["profile_created"]);
userData.UserInventoryURI = (string)data["server_inventory"];
diff --git a/OpenSim/Region/CoreModules/Resources/CoreModulePlugin.addin.xml b/OpenSim/Region/CoreModules/Resources/CoreModulePlugin.addin.xml
index 0de5215cb0..f9e61aa972 100644
--- a/OpenSim/Region/CoreModules/Resources/CoreModulePlugin.addin.xml
+++ b/OpenSim/Region/CoreModules/Resources/CoreModulePlugin.addin.xml
@@ -26,6 +26,8 @@
+
+
diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs
new file mode 100644
index 0000000000..c52c257313
--- /dev/null
+++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs
@@ -0,0 +1,141 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using log4net;
+using Nini.Config;
+using System;
+using System.Collections.Generic;
+using System.Reflection;
+using OpenSim.Framework;
+using OpenSim.Server.Base;
+using OpenSim.Region.Framework.Interfaces;
+using OpenSim.Region.Framework.Scenes;
+using OpenSim.Services.Interfaces;
+using OpenMetaverse;
+
+namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization
+{
+ public class LocalAuthorizationServicesConnector :
+ ISharedRegionModule, IAuthorizationService
+ {
+ private static readonly ILog m_log =
+ LogManager.GetLogger(
+ MethodBase.GetCurrentMethod().DeclaringType);
+
+ private IAuthorizationService m_AuthorizationService;
+
+ private bool m_Enabled = false;
+
+ public Type ReplaceableInterface
+ {
+ get { return null; }
+ }
+
+ public string Name
+ {
+ get { return "LocalAuthorizationServicesConnector"; }
+ }
+
+ public void Initialise(IConfigSource source)
+ {
+ m_log.Info("[AUTHORIZATION CONNECTOR]: Initialise");
+
+ IConfig moduleConfig = source.Configs["Modules"];
+ if (moduleConfig != null)
+ {
+ string name = moduleConfig.GetString("AuthorizationServices", string.Empty);
+ if (name == Name)
+ {
+ IConfig authorizationConfig = source.Configs["AuthorizationService"];
+ if (authorizationConfig == null)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: AuthorizationService missing from OpenSim.ini");
+ return;
+ }
+
+ string serviceDll = authorizationConfig.GetString("LocalServiceModule",
+ String.Empty);
+
+ if (serviceDll == String.Empty)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: No LocalServiceModule named in section AuthorizationService");
+ return;
+ }
+
+ Object[] args = new Object[] { source };
+ m_AuthorizationService =
+ ServerUtils.LoadPlugin(serviceDll,
+ args);
+
+ if (m_AuthorizationService == null)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: Can't load authorization service");
+ return;
+ }
+ m_Enabled = true;
+ m_log.Info("[AUTHORIZATION CONNECTOR]: Local authorization connector enabled");
+ }
+ }
+ }
+
+ public void PostInitialise()
+ {
+ }
+
+ public void Close()
+ {
+ }
+
+ public void AddRegion(Scene scene)
+ {
+ if (!m_Enabled)
+ return;
+
+ scene.RegisterModuleInterface(this);
+ }
+
+ public void RemoveRegion(Scene scene)
+ {
+ }
+
+ public void RegionLoaded(Scene scene)
+ {
+ if (!m_Enabled)
+ return;
+
+ m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: Enabled local authorization for region {0}", scene.RegionInfo.RegionName);
+
+
+ }
+
+ public bool IsAuthorizedForRegion(string userID, string regionID)
+ {
+ return m_AuthorizationService.IsAuthorizedForRegion(userID, regionID);
+ }
+
+ }
+}
diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs
new file mode 100644
index 0000000000..ac8b566b04
--- /dev/null
+++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs
@@ -0,0 +1,155 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using log4net;
+using System;
+using System.Collections.Generic;
+using System.Reflection;
+using Nini.Config;
+using OpenSim.Framework;
+using OpenSim.Services.Connectors;
+using OpenSim.Region.Framework.Interfaces;
+using OpenSim.Region.Framework.Scenes;
+using OpenSim.Services.Interfaces;
+using OpenMetaverse;
+
+namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization
+{
+ public class RemoteAuthorizationServicesConnector :
+ AuthorizationServicesConnector, ISharedRegionModule, IAuthorizationService
+ {
+ private static readonly ILog m_log =
+ LogManager.GetLogger(
+ MethodBase.GetCurrentMethod().DeclaringType);
+
+ private bool m_Enabled = false;
+ private List m_scenes = new List();
+
+ public Type ReplaceableInterface
+ {
+ get { return null; }
+ }
+
+ public string Name
+ {
+ get { return "RemoteAuthorizationServicesConnector"; }
+ }
+
+ public override void Initialise(IConfigSource source)
+ {
+ IConfig moduleConfig = source.Configs["Modules"];
+ if (moduleConfig != null)
+ {
+ string name = moduleConfig.GetString("AuthorizationServices", "");
+ if (name == Name)
+ {
+ IConfig authorizationConfig = source.Configs["AuthorizationService"];
+ if (authorizationConfig == null)
+ {
+ m_log.Error("[REMOTE AUTHORIZATION CONNECTOR]: AuthorizationService missing from OpenSim.ini");
+ return;
+ }
+
+ m_Enabled = true;
+
+ base.Initialise(source);
+
+ m_log.Info("[REMOTE AUTHORIZATION CONNECTOR]: Remote authorization enabled");
+ }
+ }
+ }
+
+ public void PostInitialise()
+ {
+ }
+
+ public void Close()
+ {
+ }
+
+ public void AddRegion(Scene scene)
+ {
+ if (!m_Enabled)
+ return;
+
+ if (!m_scenes.Contains(scene))
+ {
+ m_scenes.Add(scene);
+ scene.RegisterModuleInterface(this);
+ }
+
+ }
+
+ public void RemoveRegion(Scene scene)
+ {
+ }
+
+ public void RegionLoaded(Scene scene)
+ {
+ if (!m_Enabled)
+ return;
+
+ m_log.InfoFormat("[REMOTE AUTHORIZATION CONNECTOR]: Enabled remote authorization for region {0}", scene.RegionInfo.RegionName);
+
+ }
+
+ public bool IsAuthorizedForRegion(string userID, string regionID)
+ {
+ m_log.InfoFormat("[REMOTE AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} for region {1}", userID, regionID);
+
+ bool isAuthorized = true;
+
+ // get the scene this call is being made for
+ Scene scene = null;
+ lock (m_scenes)
+ {
+ foreach (Scene nextScene in m_scenes)
+ {
+ if (nextScene.RegionInfo.RegionID.ToString() == regionID)
+ {
+ scene = nextScene;
+ }
+ }
+ }
+
+ if(scene != null)
+ {
+ UserProfileData profile = scene.CommsManager.UserService.GetUserProfile(new UUID(userID));
+ isAuthorized = IsAuthorizedForRegion(userID, profile.FirstName, profile.SurName,
+ profile.Email, scene.RegionInfo.RegionName, regionID);
+ }
+ else
+ {
+ m_log.ErrorFormat("[REMOTE AUTHORIZATION CONNECTOR] IsAuthorizedForRegion, can't find scene to match region id of {0} ",regionID);
+ }
+
+
+ return isAuthorized;
+
+ }
+ }
+}
diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs
index 5e27effd08..d95d9d3770 100644
--- a/OpenSim/Region/Framework/Scenes/Scene.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.cs
@@ -134,6 +134,7 @@ namespace OpenSim.Region.Framework.Scenes
public IXfer XferManager;
protected IAssetService m_AssetService = null;
+ protected IAuthorizationService m_AuthorizationService = null;
public IAssetService AssetService
{
@@ -152,6 +153,25 @@ namespace OpenSim.Region.Framework.Scenes
return m_AssetService;
}
}
+
+ public IAuthorizationService AuthorizationService
+ {
+ get
+ {
+ if (m_AuthorizationService == null)
+ {
+ m_AuthorizationService = RequestModuleInterface();
+
+ if (m_AuthorizationService == null)
+ {
+ // don't throw an exception if no authorization service is set for the time being
+ m_log.InfoFormat("[SCENE]: No Authorization service is configured");
+ }
+ }
+
+ return m_AuthorizationService;
+ }
+ }
protected IInventoryService m_InventoryService = null;
@@ -3230,7 +3250,16 @@ namespace OpenSim.Region.Framework.Scenes
if (!m_strictAccessControl) return true;
if (Permissions.IsGod(agent.AgentID)) return true;
-
+
+ if (AuthorizationService != null)
+ {
+ if(!AuthorizationService.IsAuthorizedForRegion(agent.AgentID.ToString(), RegionInfo.RegionID.ToString()))
+ {
+ m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region",
+ agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
+ return false;
+ }
+ }
if (m_regInfo.EstateSettings.IsBanned(agent.AgentID))
{
diff --git a/OpenSim/Server/Handlers/Authorization/AuthorizationServerConnector.cs b/OpenSim/Server/Handlers/Authorization/AuthorizationServerConnector.cs
new file mode 100644
index 0000000000..0d9f239fe6
--- /dev/null
+++ b/OpenSim/Server/Handlers/Authorization/AuthorizationServerConnector.cs
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using Nini.Config;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenSim.Server.Handlers.Base;
+
+namespace OpenSim.Server.Handlers.Authorization
+{
+ public class AuthorizationServerConnector : ServiceConnector
+ {
+ private IAuthorizationService m_AuthorizationService;
+
+ public AuthorizationServerConnector(IConfigSource config, IHttpServer server) :
+ base(config, server)
+ {
+ IConfig serverConfig = config.Configs["AuthorizationService"];
+ if (serverConfig == null)
+ throw new Exception("No section 'Server' in config file");
+
+ string authorizationService = serverConfig.GetString("LocalServiceModule",
+ String.Empty);
+
+ if (authorizationService == String.Empty)
+ throw new Exception("No AuthorizationService in config file");
+
+ Object[] args = new Object[] { config };
+ m_AuthorizationService =
+ ServerUtils.LoadPlugin(authorizationService, args);
+
+ server.AddStreamHandler(new AuthorizationServerPostHandler(m_AuthorizationService));
+ }
+ }
+}
diff --git a/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs b/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs
new file mode 100644
index 0000000000..fb079d35f0
--- /dev/null
+++ b/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using Nini.Config;
+using log4net;
+using System;
+using System.Reflection;
+using System.IO;
+using System.Net;
+using System.Text;
+using System.Text.RegularExpressions;
+using System.Xml;
+using System.Xml.Serialization;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework;
+using OpenSim.Framework.Servers.HttpServer;
+
+namespace OpenSim.Server.Handlers.Authorization
+{
+ public class AuthorizationServerPostHandler : BaseStreamHandler
+ {
+ private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+
+ private IAuthorizationService m_AuthorizationService;
+
+ public AuthorizationServerPostHandler(IAuthorizationService service) :
+ base("POST", "/authorization")
+ {
+ m_AuthorizationService = service;
+ }
+
+ public override byte[] Handle(string path, Stream request,
+ OSHttpRequest httpRequest, OSHttpResponse httpResponse)
+ {
+ XmlSerializer xs = new XmlSerializer(typeof (AuthorizationRequest));
+ AuthorizationRequest Authorization = (AuthorizationRequest) xs.Deserialize(request);
+
+ bool authorized = m_AuthorizationService.IsAuthorizedForRegion(Authorization.ID, Authorization.RegionID);
+
+ AuthorizationResponse result = new AuthorizationResponse(authorized, Authorization.ID + " has been authorized");
+
+ xs = new XmlSerializer(typeof(AuthorizationResponse));
+ return ServerUtils.SerializeResult(xs, result);
+
+ }
+ }
+}
diff --git a/OpenSim/Services/AuthorizationService/AuthorizationService.cs b/OpenSim/Services/AuthorizationService/AuthorizationService.cs
new file mode 100644
index 0000000000..c795ba01f6
--- /dev/null
+++ b/OpenSim/Services/AuthorizationService/AuthorizationService.cs
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using System.Reflection;
+using Nini.Config;
+using log4net;
+using OpenSim.Framework;
+using OpenSim.Framework.Console;
+using OpenSim.Data;
+using OpenSim.Services.Interfaces;
+using OpenMetaverse;
+
+namespace OpenSim.Services.AuthorizationService
+{
+ public class AuthorizationService : AuthorizationServiceBase, IAuthorizationService
+ {
+ private static readonly ILog m_log =
+ LogManager.GetLogger(
+ MethodBase.GetCurrentMethod().DeclaringType);
+
+ public AuthorizationService(IConfigSource config) : base(config)
+ {
+ m_log.Info("[AUTHORIZATION CONNECTOR]: Local Authorization service enabled");
+ }
+
+ public bool IsAuthorizedForRegion(string userID, string regionID)
+ {
+ return true;
+ }
+ }
+}
diff --git a/OpenSim/Services/AuthorizationService/AuthorizationServiceBase.cs b/OpenSim/Services/AuthorizationService/AuthorizationServiceBase.cs
new file mode 100644
index 0000000000..9e6d070b4b
--- /dev/null
+++ b/OpenSim/Services/AuthorizationService/AuthorizationServiceBase.cs
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using System.Reflection;
+using Nini.Config;
+using OpenSim.Framework;
+using OpenSim.Data;
+using OpenSim.Services.Interfaces;
+using OpenSim.Services.Base;
+
+namespace OpenSim.Services.AuthorizationService
+{
+ public class AuthorizationServiceBase : ServiceBase
+ {
+ protected IAssetDataPlugin m_Database = null;
+
+ public AuthorizationServiceBase(IConfigSource config) : base(config)
+ {
+ string dllName = String.Empty;
+ string connString = String.Empty;
+
+ //
+ // Try reading the [AuthorizationService] section first, if it exists
+ //
+ IConfig assetConfig = config.Configs["AuthorizationService"];
+ if (assetConfig != null)
+ {
+ dllName = assetConfig.GetString("StorageProvider", dllName);
+ connString = assetConfig.GetString("ConnectionString", connString);
+ }
+
+ //
+ // Try reading the [DatabaseService] section, if it exists
+ //
+ IConfig dbConfig = config.Configs["DatabaseService"];
+ if (dbConfig != null)
+ {
+ if (dllName == String.Empty)
+ dllName = dbConfig.GetString("StorageProvider", String.Empty);
+ if (connString == String.Empty)
+ connString = dbConfig.GetString("ConnectionString", String.Empty);
+ }
+
+ //
+ // We tried, but this doesn't exist. We can't proceed.
+ //
+ if (dllName.Equals(String.Empty))
+ throw new Exception("No StorageProvider configured");
+
+ m_Database = LoadPlugin(dllName);
+ if (m_Database == null)
+ throw new Exception("Could not find a storage interface in the given module");
+
+ m_Database.Initialise(connString);
+
+ }
+ }
+}
diff --git a/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs b/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs
new file mode 100644
index 0000000000..98309f1c08
--- /dev/null
+++ b/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs
@@ -0,0 +1,117 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using log4net;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Reflection;
+using Nini.Config;
+using OpenSim.Framework;
+using OpenSim.Framework.Communications;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenSim.Services.Interfaces;
+using OpenMetaverse;
+
+namespace OpenSim.Services.Connectors
+{
+ public class AuthorizationServicesConnector
+ {
+ private static readonly ILog m_log =
+ LogManager.GetLogger(
+ MethodBase.GetCurrentMethod().DeclaringType);
+
+ private string m_ServerURI = String.Empty;
+ private bool m_ResponseOnFailure = true;
+
+ public AuthorizationServicesConnector()
+ {
+ }
+
+ public AuthorizationServicesConnector(string serverURI)
+ {
+ m_ServerURI = serverURI.TrimEnd('/');
+ }
+
+ public AuthorizationServicesConnector(IConfigSource source)
+ {
+ Initialise(source);
+ }
+
+ public virtual void Initialise(IConfigSource source)
+ {
+ IConfig authorizationConfig = source.Configs["AuthorizationService"];
+ if (authorizationConfig == null)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: AuthorizationService missing from OpenSim.ini");
+ throw new Exception("Authorization connector init error");
+ }
+
+ string serviceURI = authorizationConfig.GetString("AuthorizationServerURI",
+ String.Empty);
+
+ if (serviceURI == String.Empty)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: No Server URI named in section AuthorizationService");
+ throw new Exception("Authorization connector init error");
+ }
+ m_ServerURI = serviceURI;
+
+ // this dictates what happens if the remote service fails, if the service fails and the value is true
+ // the user is authorized for the region.
+ bool responseOnFailure = authorizationConfig.GetBoolean("ResponseOnFailure",true);
+
+ m_ResponseOnFailure = responseOnFailure;
+ }
+
+ public bool IsAuthorizedForRegion(string userID, string firstname, string surname, string email, string regionName, string regionID)
+ {
+ // do a remote call to the authorization server specified in the AuthorizationServerURI
+ m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} at remote server {1}", userID, m_ServerURI);
+
+ string uri = m_ServerURI;
+
+ AuthorizationRequest req = new AuthorizationRequest(userID, firstname, surname, email, regionName, regionID);
+
+ AuthorizationResponse response;
+ try
+ {
+ response = SynchronousRestObjectRequester.MakeRequest("POST", uri, req);
+ }
+ catch (Exception e)
+ {
+ m_log.WarnFormat("[AUTHORIZATION CONNECTOR]: Unable to send authorize {0} for region {1} error thrown during comms with remote server. Reason: {2}", userID, regionID, e.Message);
+ return m_ResponseOnFailure;
+ }
+
+ m_log.DebugFormat("[AUTHORIZATION CONNECTOR] response from remote service was {0}", response.Message);
+
+ return response.IsAuthorized;
+ }
+
+ }
+}
diff --git a/OpenSim/Services/Interfaces/IAuthorizationService.cs b/OpenSim/Services/Interfaces/IAuthorizationService.cs
new file mode 100644
index 0000000000..91afa9aa30
--- /dev/null
+++ b/OpenSim/Services/Interfaces/IAuthorizationService.cs
@@ -0,0 +1,144 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using OpenSim.Framework;
+
+namespace OpenSim.Services.Interfaces
+{
+ // Generic Authorization service used for authorizing principals in a particular region
+
+ public interface IAuthorizationService
+ {
+ //////////////////////////////////////////////////////
+ // Authorized
+ //
+ // This method returns a simple true false indicating
+ // whether or not a user has access to the region
+ //
+ bool IsAuthorizedForRegion(string userID, string regionID);
+
+ }
+
+ public class AuthorizationRequest
+ {
+ private string m_userID;
+ private string m_firstname;
+ private string m_surname;
+ private string m_email;
+ private string m_regionName;
+ private string m_regionID;
+
+ public AuthorizationRequest()
+ {
+ }
+
+ public AuthorizationRequest(string ID, string RegionID)
+ {
+ m_userID = ID;
+ m_regionID = RegionID;
+ }
+
+ public AuthorizationRequest(string ID,string FirstName, string SurName, string Email, string RegionName, string RegionID)
+ {
+ m_userID = ID;
+ m_firstname = FirstName;
+ m_surname = SurName;
+ m_email = Email;
+ m_regionName = RegionName;
+ m_regionID = RegionID;
+ }
+
+ public string ID
+ {
+ get { return m_userID; }
+ set { m_userID = value; }
+ }
+
+ public string FirstName
+ {
+ get { return m_firstname; }
+ set { m_firstname = value; }
+ }
+
+ public string SurName
+ {
+ get { return m_surname; }
+ set { m_surname = value; }
+ }
+
+ public string Email
+ {
+ get { return m_email; }
+ set { m_email = value; }
+ }
+
+ public string RegionName
+ {
+ get { return m_regionName; }
+ set { m_regionName = value; }
+ }
+
+ public string RegionID
+ {
+ get { return m_regionID; }
+ set { m_regionID = value; }
+ }
+
+
+
+ }
+
+ public class AuthorizationResponse
+ {
+ private bool m_isAuthorized;
+ private string m_message;
+
+ public AuthorizationResponse()
+ {
+ }
+
+ public AuthorizationResponse(bool isAuthorized, string message)
+ {
+ m_isAuthorized = isAuthorized;
+ m_message = message;
+
+ }
+
+ public bool IsAuthorized
+ {
+ get { return m_isAuthorized; }
+ set { m_isAuthorized = value; }
+ }
+
+ public string Message
+ {
+ get { return m_message; }
+ set { m_message = value; }
+ }
+ }
+}
diff --git a/bin/config-include/Grid.ini b/bin/config-include/Grid.ini
index 3b8f3a9737..10f7dbdb28 100644
--- a/bin/config-include/Grid.ini
+++ b/bin/config-include/Grid.ini
@@ -10,6 +10,7 @@
[Modules]
AssetServices = "RemoteAssetServicesConnector"
InventoryServices = "RemoteInventoryServicesConnector"
+ AuthorizationServices = "RemoteAuthorizationServicesConnector"
NeighbourServices = "RemoteNeighbourServicesConnector"
NeighbourServiceInConnector = true
LandServiceInConnector = true
diff --git a/bin/config-include/Standalone.ini b/bin/config-include/Standalone.ini
index c1873584d1..24020b63ff 100644
--- a/bin/config-include/Standalone.ini
+++ b/bin/config-include/Standalone.ini
@@ -11,9 +11,13 @@
AssetServices = "LocalAssetServicesConnector"
InventoryServices = "LocalInventoryServicesConnector"
NeighbourServices = "LocalNeighbourServicesConnector"
+ AuthorizationServices = "LocalAuthorizationServicesConnector"
[AssetService]
LocalServiceModule = "OpenSim.Services.AssetService.dll:AssetService"
[InventoryService]
LocalServiceModule = "OpenSim.Services.InventoryService.dll:InventoryService"
+
+[AuthorizationService]
+ LocalServiceModule = "OpenSim.Services.AuthorizationService.dll:AuthorizationService"
diff --git a/bin/config-include/StandaloneHypergrid.ini b/bin/config-include/StandaloneHypergrid.ini
index 6359ac0868..aa122be34e 100644
--- a/bin/config-include/StandaloneHypergrid.ini
+++ b/bin/config-include/StandaloneHypergrid.ini
@@ -11,6 +11,7 @@
AssetServices = "HGAssetBroker"
InventoryServices = "HGInventoryBroker"
NeighbourServices = "LocalNeighbourServicesConnector"
+ AuthorizationServices = "LocalAuthorizationServicesConnector"
InventoryServiceInConnector = true
AssetServiceInConnector = true
HGAuthServiceInConnector = true
@@ -31,6 +32,11 @@
LocalGridInventoryService = "OpenSim.Services.InventoryService.dll:InventoryService"
HypergridInventoryService = "OpenSim.Services.Connectors.dll:HGInventoryServiceConnector"
+[AuthorizationService]
+ LocalServiceModule = "OpenSim.Services.AuthorizationService.dll:AuthorizationService"
+
[AuthenticationService]
; For the HGAuthServiceInConnector
- LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:HGAuthenticationService"
\ No newline at end of file
+ LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:HGAuthenticationService"
+
+
\ No newline at end of file
diff --git a/prebuild.xml b/prebuild.xml
index b84fddd17b..77e536ad1f 100644
--- a/prebuild.xml
+++ b/prebuild.xml
@@ -1289,6 +1289,37 @@
+
+
+
+
+ ../../../bin/
+
+
+
+
+ ../../../bin/
+
+
+
+ ../../../bin/
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+