Thanks again Ryan and Jonne I have indeed found a mail which explains my problem:
http://www.mail-archive.com/realxtend@googlegroups.com/msg00979.html The problem is the same. I guess Mikko Pallari has added a switch somewhere to check server ip upon an authentication request (server_check_ip). The only relevant switch I have found though is in AuthenticationSettings.xml which is: <check_server_ip>True</check_server_ip> I had already tried setting this to false but the problem still persists. Also as Jonne suggested I have tried setting my WAN IP for my three servers in xml configuration files. My viewer cant even connect to the opensim server that way... I tried all combinations of these(like setting opensim to internal ip and authentication to external, vice versa etc etc)... still I couldnt solve it. Do you know how I can contact Mikko Pallari? Perhaps an e-mail adress or something like that? He seems to know a lot about this issue. Also I could not find the source code of the application at: http://sourceforge.net/projects/realxtendserver/ Only binaries are there... I have already checked-out source code of the latest version of OpenSim and Modrex Modules however these dont include the source code for the authentication server... I cannot find the source code of the authentication server anywhere at the moment. The binary exists(authenticationserver-0.5) but no source code. And I still think the problem occurs due to a bug in this server. Is there anyone who actually managed to deploy a server which can be connected through WAN? Or any tutorials around? LAN and Local connection is easily done... but there should be someone who had connected through WAN via DSL connection. And finally I get the following error when I try to connect with login_name@<wan ip> perhaps it helps to debug it further: OpenSim server console: 18:41:48 - [REXLOGIN]: XMLRPC Client is realXtend 1.20.13.91224, start location is last 18:41:48 - [AUTHENTICATIONSERVICE]: SimAuthenticationAccount with account 18:41:49 - [AUTHENTICATION SERVICE]: Failed creating XmlRpcRequest 18:41:49 - [AUTHENTICATIONSERVICE]: SimAuthenticationAccount: Response is null. 18:41:49 - [LOGIN END]: XMLRPC User testuser@<WAN IP>:10001 ( 444dc39e712276580b40647a9f1807d60b481a4a) failed authentication Authentication server console: 18:37:42 - Authentication# : 18:41:44 - [LOGIN]: Authenticating Test User 18:41:44 - ------------------------------------------- 18:41:44 - CLIENT LOGGIN IN TO SIM: testuser@<WAN IP>:9000 18:41:44 - ------------------------------------------- And the error message I see on my viewer's screen: Login Failed: Could not authenticate your avatar. Please check your user name and password, and check the grid if problem persists. <WAN IP> I've mentioned in above error outputs is actually my WAN IP I wrote it like that due to security issues :D. Anyway... I have tried hacking client code a bit especially llstartup.cpp and lluserauth.cpp in case I can generate an XMLRPC login message where authentication ip is set same as the internal ip of the server. But it didnt work either :(:(:(... Perhaps there is some other way of doing it from client code with a hack. Something I havent realized yet. I again thank you all for your care in this subject. Best, Ateş Akaydın On 7 Ocak, 09:35, Ryan McDougall <sempu...@gmail.com> wrote: > The source can be found here:http://sourceforge.net/projects/realxtendserver/ > > I seem to recall a discussion about this issue before. Perhaps you can > look at the mailing list archives for an answer. Unfortunately, 0.5 > isn't being actively worked on any more, as we are focusing on Naali > and > Taiga:http://wiki.realxtend.org/index.php/Main_Page#Developer_Preview_Releases > > Cheers, > > On Wed, Jan 6, 2010 at 6:28 PM, akaydin <atesakay...@gmail.com> wrote: > > Ryan thanks a lot for your answer. > > > Unfortunately testu...@192.168.0.2 does not work from outside network. > > Nothing happens if I use internal ip here(192.168.0.2) however if I > > use WAN IP then I can connect to the authentication server(from what I > > see on authentication server console) but login operation fails. And > > if I can connect to the authentication server(althought login > > operation fails) then I believe that should mean that the WAN ip > > resolves correctly and redirected through my NAT. > > > I may be wrong but it seems like" testuser@<wan_ip>" is also sent as a > > complete string in some part of an xml message to the authentication > > server. I believe only the left part before "@" sign - that is > > "testuser" - and user password should be enough to authenticate a user > > (considering that ip adress is already resolved). > > > It seems to me that Authentication server simply checks if > > "testuser@<wan_ip>" matches with a string that it forms from local > > ip... like "testu...@192.168.0.2" and boom!.... these two dont match > > so login fails... > > > Internal ip stays the same for all pcs connected to a particular LAN. > > So no problems occur if I try to connect from a seperate pc which is > > in the same LAN with my server since username and host strings will > > always match. (actually this is what I have been doing till now). > > > These are all my assumptions though. I may be wrong but I believe > > something like this is the primary reason of this problem. > > > Can I download authentication server's source code from somewhere? > > perhaps I can try to fix this in source code... I have checked modrex > > site but couldn't find an svn link particularly for authentication and > > avatar storage servers. > > > Perhaps you are right though. I only have basic knowledge of > > networking so there may be a way of configuring the network so that > > this problem is fixed. > > > Is there a tutorial on how to do such a network configuration? Or is > > there anyone who successfully deployed a RealXTend server which > > operates on net standalone? Preferably someone who did it with DSL > > connection(and in my case also dynamic ip :D) > > > I would be happy to hear from you all... > > > And Ryan Thanks again for your answer, > > > Regards, > > > Ates Akaydin > > > On 6 Ocak, 16:44, Ryan McDougall <sempu...@gmail.com> wrote: > >> Once again, this is before my time, and I've never once worked on the > >> authentication servers, but afaik, this was a fundamental choice to > >> mimick the way e-mail works. You can't just send an email to "joe", it > >> has to be "joe" at "example.com", where example.com is a computer that > >> knows a certain joe among many. It works because there is an entry in > >> the DNS server that says the mail server that's authoritative for > >> example.com, and mail clients do a DNS query to find the IP. A number > >> of people here have set up reX for the public (such as > >> world.evocativi.com), so it *is* possible -- but you may need DNS > >> and/or public IPs... > > >> So basically, I think this an internal network configuration issue, > >> and kinda beyond what we're capable of helping you with. Network > >> configuration is not easy, and present a barrier to adoption of VW > >> servers (actually any non-trivial home server). Does > >> "testu...@192.168.0.2" work from outside the network? > > >> If anyone knows better than me, feel free to correct me. Better a > >> half-assed answer than none. > > >> Cheers, > > >> On Wed, Jan 6, 2010 at 10:16 AM, akaydin <atesakay...@gmail.com> wrote: > >> > Is there a way to configure authentication server such that it > >> > neglects IP attached to user name during authentication process. And > >> > authenticate solely on username and password instead. Nothing else? > > >> > On 6 Ocak, 10:12, akaydin <atesakay...@gmail.com> wrote: > >> >> Hi again, > > >> >> I've read most of the manuals and made necessary modifications to my > >> >> httpsettings and configuration xml files. > > >> >> I now have a server machine connected to the internet via ADSL(Dynamic > >> >> IP). It has some internal ip adress like 192.168.0.2 assigned by the > >> >> DHCP of the Adsl Modem. I have configured necessary ip values in my > >> >> xml files to this value 192.168.0.2. > > >> >> However since the modem routs data to several machines at once I had > >> >> to make a quick NAT configuration for RealXTend ports. So I had > >> >> directed my wan ports 7000-12000 to lan ports 7000-12000 on > >> >> 192.168.0.2 > > >> >> Now here comes the tricky part. No matter what I do I cannot > >> >> authenticate my avatar from the avatar server. > > >> >> I set the user name and connect to fields to the following in the > >> >> client ui. > > >> >> User name: testuser@<wan ip> > >> >> Connect to: <wan ip>:9000 > > >> >> where <wan ip> is my WAN ip. > > >> >> Anyway I see opensim server capturing the data I send on the console > >> >> log and creating an XMLRPC message for authentication server. However > >> >> Authentication Server does nothing and returns null. So my login > >> >> process fails with a "Login Failed: Could not authenticate your > >> >> avatar. Please check your user name and password and check the grid if > >> >> problem persists" message > > >> >> If I try to connect to my server with a client on the server machine > >> >> with following parameters: > > >> >> User name: testu...@192.168.0.2 > >> >> Connect to: 192.168.0.2:9000 > > >> >> Then I can connect without a problem. I can assure that the username > >> >> and password are correct I guess the domain name after "@" sign in > >> >> user name causes this. In a way that authentication server receives > >> >> wan-ip instead of 192.168.0.2 when I try to connect from a remote > >> >> client and doest not authenticate as wan-ip does not match with lan-ip > >> >> at that step. > > >> >> Can anyone help me solve this problem? > > >> >> Thanks a lot, > > >> >> Best Regards, > > >> >> Ates Akaydin > > >> > -- > >> >http://groups.google.com/group/realxtend > >> >http://www.realxtend.org > > > On 6 Ocak, 16:44, Ryan McDougall <sempu...@gmail.com> wrote: > >> Once again, this is before my time, and I've never once worked on the > >> authentication servers, but afaik, this was a fundamental choice to > >> mimick the way e-mail works. You can't just send an email to "joe", it > >> has to be "joe" at "example.com", where example.com is a computer that > >> knows a certain joe among many. It works because there is an entry in > >> the DNS server that says the mail server that's authoritative for > >> example.com, and mail clients do a DNS query to find the IP. A number > >> of people here have set up reX for the public (such as > >> world.evocativi.com), so it *is* possible -- but you may need DNS > >> and/or public IPs... > > >> So basically, I think this an internal network configuration issue, > >> and kinda beyond what we're capable of helping you with. Network > >> configuration is not easy, and present a barrier to adoption of VW > >> servers (actually any non-trivial home server). Does > >> "testu...@192.168.0.2" work from outside the network? > > >> If anyone knows better than me, feel free to correct me. Better a > >> half-assed answer than none. > > >> Cheers, > > >> On Wed, Jan 6, 2010 at 10:16 AM, akaydin <atesakay...@gmail.com> wrote: > >> > Is there a way to configure authentication server such that it > >> > neglects IP attached to user name during authentication process. And > >> > authenticate solely on username and password instead. Nothing else? > > >> > On 6 Ocak, 10:12, akaydin <atesakay...@gmail.com> wrote: > >> >> Hi again, > > >> >> I've read most of the manuals and made necessary modifications to my > >> >> httpsettings and configuration xml files. > > >> >> I now have a server machine connected to the internet via ADSL(Dynamic > >> >> IP). It has some internal ip adress like 192.168.0.2 assigned by the > >> >> DHCP of the Adsl Modem. I have configured necessary ip values in my > >> >> xml files to this value 192.168.0.2. > > >> >> However since the modem routs data to several machines at once I had > >> >> to make a quick NAT configuration for RealXTend ports. So I had > >> >> directed my wan ports 7000-12000 to lan ports 7000-12000 on > >> >> 192.168.0.2 > > >> >> Now here comes the tricky part. No matter what I do I cannot > >> >> authenticate my avatar from the avatar server. > > >> >> I set the user name and connect to fields to the following in the > >> >> client ui. > > >> >> User name: testuser@<wan ip> > >> >> Connect to: <wan ip>:9000 > > >> >> where <wan ip> is my WAN ip. > > >> >> Anyway I see opensim server capturing the data I send on the console > >> >> log and creating an XMLRPC message for authentication server. However > >> >> Authentication Server does nothing and returns null. So my login > >> >> process fails with a "Login Failed: Could not authenticate your > >> >> avatar. Please check your user name and password and check the grid if > >> >> problem persists" message > > >> >> If I try to connect to my server with a client on the server machine > >> >> with following parameters: > > >> >> User name: testu...@192.168.0.2 > >> >> Connect to: 192.168.0.2:9000 > > >> >> Then I can connect without a problem. I can assure that the username > >> >> and password are correct I guess the domain name after "@" sign in > >> >> user name causes this. In a way that authentication server receives > >> >> wan-ip instead of 192.168.0.2 when I try to connect from a remote > >> >> client and doest not authenticate as wan-ip does not match with lan-ip > >> >> at that step. > > >> >> Can anyone help me solve this problem? > > >> >> Thanks a lot, > > >> >> Best Regards, > > >> >> Ates Akaydin > > ... > > tamamını oku » On 7 Ocak, 09:35, Ryan McDougall <sempu...@gmail.com> wrote: > The source can be found here:http://sourceforge.net/projects/realxtendserver/ > > I seem to recall a discussion about this issue before. Perhaps you can > look at the mailing list archives for an answer. Unfortunately, 0.5 > isn't being actively worked on any more, as we are focusing on Naali > and > Taiga:http://wiki.realxtend.org/index.php/Main_Page#Developer_Preview_Releases > > Cheers, > > On Wed, Jan 6, 2010 at 6:28 PM, akaydin <atesakay...@gmail.com> wrote: > > Ryan thanks a lot for your answer. > > > Unfortunately testu...@192.168.0.2 does not work from outside network. > > Nothing happens if I use internal ip here(192.168.0.2) however if I > > use WAN IP then I can connect to the authentication server(from what I > > see on authentication server console) but login operation fails. And > > if I can connect to the authentication server(althought login > > operation fails) then I believe that should mean that the WAN ip > > resolves correctly and redirected through my NAT. > > > I may be wrong but it seems like" testuser@<wan_ip>" is also sent as a > > complete string in some part of an xml message to the authentication > > server. I believe only the left part before "@" sign - that is > > "testuser" - and user password should be enough to authenticate a user > > (considering that ip adress is already resolved). > > > It seems to me that Authentication server simply checks if > > "testuser@<wan_ip>" matches with a string that it forms from local > > ip... like "testu...@192.168.0.2" and boom!.... these two dont match > > so login fails... > > > Internal ip stays the same for all pcs connected to a particular LAN. > > So no problems occur if I try to connect from a seperate pc which is > > in the same LAN with my server since username and host strings will > > always match. (actually this is what I have been doing till now). > > > These are all my assumptions though. I may be wrong but I believe > > something like this is the primary reason of this problem. > > > Can I download authentication server's source code from somewhere? > > perhaps I can try to fix this in source code... I have checked modrex > > site but couldn't find an svn link particularly for authentication and > > avatar storage servers. > > > Perhaps you are right though. I only have basic knowledge of > > networking so there may be a way of configuring the network so that > > this problem is fixed. > > > Is there a tutorial on how to do such a network configuration? Or is > > there anyone who successfully deployed a RealXTend server which > > operates on net standalone? Preferably someone who did it with DSL > > connection(and in my case also dynamic ip :D) > > > I would be happy to hear from you all... > > > And Ryan Thanks again for your answer, > > > Regards, > > > Ates Akaydin > > > On 6 Ocak, 16:44, Ryan McDougall <sempu...@gmail.com> wrote: > >> Once again, this is before my time, and I've never once worked on the > >> authentication servers, but afaik, this was a fundamental choice to > >> mimick the way e-mail works. You can't just send an email to "joe", it > >> has to be "joe" at "example.com", where example.com is a computer that > >> knows a certain joe among many. It works because there is an entry in > >> the DNS server that says the mail server that's authoritative for > >> example.com, and mail clients do a DNS query to find the IP. A number > >> of people here have set up reX for the public (such as > >> world.evocativi.com), so it *is* possible -- but you may need DNS > >> and/or public IPs... > > >> So basically, I think this an internal network configuration issue, > >> and kinda beyond what we're capable of helping you with. Network > >> configuration is not easy, and present a barrier to adoption of VW > >> servers (actually any non-trivial home server). Does > >> "testu...@192.168.0.2" work from outside the network? > > >> If anyone knows better than me, feel free to correct me. Better a > >> half-assed answer than none. > > >> Cheers, > > >> On Wed, Jan 6, 2010 at 10:16 AM, akaydin <atesakay...@gmail.com> wrote: > >> > Is there a way to configure authentication server such that it > >> > neglects IP attached to user name during authentication process. And > >> > authenticate solely on username and password instead. Nothing else? > > >> > On 6 Ocak, 10:12, akaydin <atesakay...@gmail.com> wrote: > >> >> Hi again, > > >> >> I've read most of the manuals and made necessary modifications to my > >> >> httpsettings and configuration xml files. > > >> >> I now have a server machine connected to the internet via ADSL(Dynamic > >> >> IP). It has some internal ip adress like 192.168.0.2 assigned by the > >> >> DHCP of the Adsl Modem. I have configured necessary ip values in my > >> >> xml files to this value 192.168.0.2. > > >> >> However since the modem routs data to several machines at once I had > >> >> to make a quick NAT configuration for RealXTend ports. So I had > >> >> directed my wan ports 7000-12000 to lan ports 7000-12000 on > >> >> 192.168.0.2 > > >> >> Now here comes the tricky part. No matter what I do I cannot > >> >> authenticate my avatar from the avatar server. > > >> >> I set the user name and connect to fields to the following in the > >> >> client ui. > > >> >> User name: testuser@<wan ip> > >> >> Connect to: <wan ip>:9000 > > >> >> where <wan ip> is my WAN ip. > > >> >> Anyway I see opensim server capturing the data I send on the console > >> >> log and creating an XMLRPC message for authentication server. However > >> >> Authentication Server does nothing and returns null. So my login > >> >> process fails with a "Login Failed: Could not authenticate your > >> >> avatar. Please check your user name and password and check the grid if > >> >> problem persists" message > > >> >> If I try to connect to my server with a client on the server machine > >> >> with following parameters: > > >> >> User name: testu...@192.168.0.2 > >> >> Connect to: 192.168.0.2:9000 > > >> >> Then I can connect without a problem. I can assure that the username > >> >> and password are correct I guess the domain name after "@" sign in > >> >> user name causes this. In a way that authentication server receives > >> >> wan-ip instead of 192.168.0.2 when I try to connect from a remote > >> >> client and doest not authenticate as wan-ip does not match with lan-ip > >> >> at that step. > > >> >> Can anyone help me solve this problem? > > >> >> Thanks a lot, > > >> >> Best Regards, > > >> >> Ates Akaydin > > >> > -- > >> >http://groups.google.com/group/realxtend > >> >http://www.realxtend.org > > > On 6 Ocak, 16:44, Ryan McDougall <sempu...@gmail.com> wrote: > >> Once again, this is before my time, and I've never once worked on the > >> authentication servers, but afaik, this was a fundamental choice to > >> mimick the way e-mail works. You can't just send an email to "joe", it > >> has to be "joe" at "example.com", where example.com is a computer that > >> knows a certain joe among many. It works because there is an entry in > >> the DNS server that says the mail server that's authoritative for > >> example.com, and mail clients do a DNS query to find the IP. A number > >> of people here have set up reX for the public (such as > >> world.evocativi.com), so it *is* possible -- but you may need DNS > >> and/or public IPs... > > >> So basically, I think this an internal network configuration issue, > >> and kinda beyond what we're capable of helping you with. Network > >> configuration is not easy, and present a barrier to adoption of VW > >> servers (actually any non-trivial home server). Does > >> "testu...@192.168.0.2" work from outside the network? > > >> If anyone knows better than me, feel free to correct me. Better a > >> half-assed answer than none. > > >> Cheers, > > >> On Wed, Jan 6, 2010 at 10:16 AM, akaydin <atesakay...@gmail.com> wrote: > >> > Is there a way to configure authentication server such that it > >> > neglects IP attached to user name during authentication process. And > >> > authenticate solely on username and password instead. Nothing else? > > >> > On 6 Ocak, 10:12, akaydin <atesakay...@gmail.com> wrote: > >> >> Hi again, > > >> >> I've read most of the manuals and made necessary modifications to my > >> >> httpsettings and configuration xml files. > > >> >> I now have a server machine connected to the internet via ADSL(Dynamic > >> >> IP). It has some internal ip adress like 192.168.0.2 assigned by the > >> >> DHCP of the Adsl Modem. I have configured necessary ip values in my > >> >> xml files to this value 192.168.0.2. > > >> >> However since the modem routs data to several machines at once I had > >> >> to make a quick NAT configuration for RealXTend ports. So I had > >> >> directed my wan ports 7000-12000 to lan ports 7000-12000 on > >> >> 192.168.0.2 > > >> >> Now here comes the tricky part. No matter what I do I cannot > >> >> authenticate my avatar from the avatar server. > > >> >> I set the user name and connect to fields to the following in the > >> >> client ui. > > >> >> User name: testuser@<wan ip> > >> >> Connect to: <wan ip>:9000 > > >> >> where <wan ip> is my WAN ip. > > >> >> Anyway I see opensim server capturing the data I send on the console > >> >> log and creating an XMLRPC message for authentication server. However > >> >> Authentication Server does nothing and returns null. So my login > >> >> process fails with a "Login Failed: Could not authenticate your > >> >> avatar. Please check your user name and password and check the grid if > >> >> problem persists" message > > >> >> If I try to connect to my server with a client on the server machine > >> >> with following parameters: > > >> >> User name: testu...@192.168.0.2 > >> >> Connect to: 192.168.0.2:9000 > > >> >> Then I can connect without a problem. I can assure that the username > >> >> and password are correct I guess the domain name after "@" sign in > >> >> user name causes this. In a way that authentication server receives > >> >> wan-ip instead of 192.168.0.2 when I try to connect from a remote > >> >> client and doest not authenticate as wan-ip does not match with lan-ip > >> >> at that step. > > >> >> Can anyone help me solve this problem? > > >> >> Thanks a lot, > > >> >> Best Regards, > > >> >> Ates Akaydin > > ... > > tamamını oku »
-- http://groups.google.com/group/realxtend http://www.realxtend.org
