Re: [Opensim-dev] Coming up: region access control

2012-05-09 Thread Akira Sonoda 
Nice work !!! Thank you so much !!! Waiting for the "Allowed_Viewers"
policy ... which allows me to specify which viewers i want to allow on my
sims/regions

Akira

2012/3/17 Diva Canto 

> Hi all,
>
> I just committed a piece of code that performs access control in more ways
> than what is currently expressable by viewers. Specifically, it allows
> region operators to specify things like
> DisallowForeigners -- what it says
> DisallowResidents -- only admins and managers allowed in the region
>
> This is on a per-region basis, so you can have a simulator with several
> regions, each one ruled by a different policy.
>
> If there are other policies that make sense, please let me know. Also,
> DisallowResidents may be redundant with groups in place. But as far as I
> can see, without a groups service in place, there is no way to express that
> kind of access control, and I think that kind of control is important.
>
> This is the beginning of supporting rich access control policies in a
> federation scenario.
>
> http://opensimulator.org/**viewgit/?a=commit&p=opensim&h=**
> 33c14cb107ecb67a3e971d6adaab17**d173d52747
>
> Feedback welcome.
>
> Diva
>
> __**_
> Opensim-dev mailing list
> Opensim-dev@lists.berlios.de
> https://lists.berlios.de/**mailman/listinfo/opensim-dev
>
___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev

Re: [Opensim-dev] Coming up: region access control

2012-03-23 Thread James Stallings II 
Excellent Diva, Thanks :)

On Sun, Mar 18, 2012 at 4:28 PM, BlueWall  wrote:

> Nice. Also testing the email lists :)
>
> On Sat, 2012-03-17 at 14:26 -0700, Diva Canto wrote:
> > Unless you implemented your own authorization service, the
> > RemoteAuthorizationServicesConnector does absolutely nothing.
> >
> > On 3/17/2012 11:12 AM, Argus wrote:
> > > Hi Diva
> > >
> > >  Interessting new settings which i could use
> > >
> > >  I see in the GridCommon.ini that you added AuthorizationServices =
> > > "LocalAuthorizationServicesConnector". I am already using the
> > > "RemoteAuthorizationServicesConnector" in a few other projects. Taking
> > > a glance at the code both will not work together, right?
> > >
> > > Michelle
> > >
> > >
> > > Am 17.03.2012 18:15, schrieb Diva Canto:
> > >> Hi all,
> > >>
> > >> I just committed a piece of code that performs access control in more
> > >> ways than what is currently expressable by viewers. Specifically, it
> > >> allows region operators to specify things like
> > >> DisallowForeigners -- what it says
> > >> DisallowResidents -- only admins and managers allowed in the region
> > >>
> > >> This is on a per-region basis, so you can have a simulator with
> > >> several regions, each one ruled by a different policy.
> > >>
> > >> If there are other policies that make sense, please let me know.
> > >> Also, DisallowResidents may be redundant with groups in place. But as
> > >> far as I can see, without a groups service in place, there is no way
> > >> to express that kind of access control, and I think that kind of
> > >> control is important.
> > >>
> > >> This is the beginning of supporting rich access control policies in a
> > >> federation scenario.
> > >>
> > >>
> http://opensimulator.org/viewgit/?a=commit&p=opensim&h=33c14cb107ecb67a3e971d6adaab17d173d52747
> > >>
> > >>
> > >> Feedback welcome.
> > >>
> > >> Diva
> > >>
> > >> ___
> > >> Opensim-dev mailing list
> > >> Opensim-dev@lists.berlios.de
> > >> https://lists.berlios.de/mailman/listinfo/opensim-dev
> > >>
> > >
> > > ___
> > > Opensim-dev mailing list
> > > Opensim-dev@lists.berlios.de
> > > https://lists.berlios.de/mailman/listinfo/opensim-dev
> > >
> > >
> >
> > ___
> > Opensim-dev mailing list
> > Opensim-dev@lists.berlios.de
> > https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
> ___
> Opensim-dev mailing list
> Opensim-dev@lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>



-- 
===
http://simhost.com
http://twitter.com/jstallings2
http://www.linkedin.com/pub/5/770/a49
___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev

Re: [Opensim-dev] Coming up: region access control

2012-03-22 Thread Drew Hart 
I think this is great.  I don't know as much about OpenSim programming, so
forgive me if this is a complicated request, but as a web developer,
permissions is a huge thing.  For years, I used Drupal because they allowed
detailed permissions - who can write articles, who can comment, who can do
nothing, who can do everything, etc.  When Joomla finally added these (I
believe in version 1.6 or so), it was huge - so people/developers love
permissions.  I would take your idea and take it a step further.  Rather
than having a couple of groups and access levels, why not a completely
customizable solution.  Allow the grid owner to setup rules for residents
to create access groups - like those over 18/age verified (I know this
isn't an option now, but in the future), residents younger than 30 days,
admins, foreigners, and whatever.  You would need an interface to set this
up, need a way to automatically and/or manually assign residents and then I
would assume a one-column code in the database could be used to represent
the different categories and people in multiple categories.  So say
0=everyone, 1=over 18, 2=over 30 days old, etc., and then you could set
access to individual regions based on the code, say groups 1 and 2, or
whatever are allowed access to a particular sim.  I am oversimplifying and
this would probably be a pain, but it is an important thing that I think
would be of great use.

On Mon, Mar 19, 2012 at 9:01 AM, James Stallings II <
james.stalli...@gmail.com> wrote:

> Excellent Diva, Thanks :)
>
>
> On Sun, Mar 18, 2012 at 4:28 PM, BlueWall wrote:
>
>> Nice. Also testing the email lists :)
>>
>> On Sat, 2012-03-17 at 14:26 -0700, Diva Canto wrote:
>> > Unless you implemented your own authorization service, the
>> > RemoteAuthorizationServicesConnector does absolutely nothing.
>> >
>> > On 3/17/2012 11:12 AM, Argus wrote:
>> > > Hi Diva
>> > >
>> > >  Interessting new settings which i could use
>> > >
>> > >  I see in the GridCommon.ini that you added AuthorizationServices =
>> > > "LocalAuthorizationServicesConnector". I am already using the
>> > > "RemoteAuthorizationServicesConnector" in a few other projects. Taking
>> > > a glance at the code both will not work together, right?
>> > >
>> > > Michelle
>> > >
>> > >
>> > > Am 17.03.2012 18:15, schrieb Diva Canto:
>> > >> Hi all,
>> > >>
>> > >> I just committed a piece of code that performs access control in more
>> > >> ways than what is currently expressable by viewers. Specifically, it
>> > >> allows region operators to specify things like
>> > >> DisallowForeigners -- what it says
>> > >> DisallowResidents -- only admins and managers allowed in the region
>> > >>
>> > >> This is on a per-region basis, so you can have a simulator with
>> > >> several regions, each one ruled by a different policy.
>> > >>
>> > >> If there are other policies that make sense, please let me know.
>> > >> Also, DisallowResidents may be redundant with groups in place. But as
>> > >> far as I can see, without a groups service in place, there is no way
>> > >> to express that kind of access control, and I think that kind of
>> > >> control is important.
>> > >>
>> > >> This is the beginning of supporting rich access control policies in a
>> > >> federation scenario.
>> > >>
>> > >>
>> http://opensimulator.org/viewgit/?a=commit&p=opensim&h=33c14cb107ecb67a3e971d6adaab17d173d52747
>> > >>
>> > >>
>> > >> Feedback welcome.
>> > >>
>> > >> Diva
>> > >>
>> > >> ___
>> > >> Opensim-dev mailing list
>> > >> Opensim-dev@lists.berlios.de
>> > >> https://lists.berlios.de/mailman/listinfo/opensim-dev
>> > >>
>> > >
>> > > ___
>> > > Opensim-dev mailing list
>> > > Opensim-dev@lists.berlios.de
>> > > https://lists.berlios.de/mailman/listinfo/opensim-dev
>> > >
>> > >
>> >
>> > ___
>> > Opensim-dev mailing list
>> > Opensim-dev@lists.berlios.de
>> > https://lists.berlios.de/mailman/listinfo/opensim-dev
>>
>>
>> ___
>> Opensim-dev mailing list
>> Opensim-dev@lists.berlios.de
>> https://lists.berlios.de/mailman/listinfo/opensim-dev
>>
>
>
>
> --
> ===
> http://simhost.com
> http://twitter.com/jstallings2
> http://www.linkedin.com/pub/5/770/a49
>
> ___
> Opensim-dev mailing list
> Opensim-dev@lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev

Re: [Opensim-dev] Coming up: region access control

2012-03-21 Thread Argus 
So is it possible to have LocalAuthorizationServicesConnector AND 
RemoteAuthorizationServicesConnector running at the same time or not?


Am 17.03.2012 22:26, schrieb Diva Canto:
Unless you implemented your own authorization service, the 
RemoteAuthorizationServicesConnector does absolutely nothing.


On 3/17/2012 11:12 AM, Argus wrote:

Hi Diva

 Interessting new settings which i could use

 I see in the GridCommon.ini that you added AuthorizationServices = 
"LocalAuthorizationServicesConnector". I am already using the 
"RemoteAuthorizationServicesConnector" in a few other projects. 
Taking a glance at the code both will not work together, right?


Michelle


Am 17.03.2012 18:15, schrieb Diva Canto:

Hi all,

I just committed a piece of code that performs access control in 
more ways than what is currently expressable by viewers. 
Specifically, it allows region operators to specify things like

DisallowForeigners -- what it says
DisallowResidents -- only admins and managers allowed in the region

This is on a per-region basis, so you can have a simulator with 
several regions, each one ruled by a different policy.


If there are other policies that make sense, please let me know. 
Also, DisallowResidents may be redundant with groups in place. But 
as far as I can see, without a groups service in place, there is no 
way to express that kind of access control, and I think that kind of 
control is important.


This is the beginning of supporting rich access control policies in 
a federation scenario.


http://opensimulator.org/viewgit/?a=commit&p=opensim&h=33c14cb107ecb67a3e971d6adaab17d173d52747 



Feedback welcome.

Diva

___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev



___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev




___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev



___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev

Re: [Opensim-dev] Coming up: region access control

2012-03-19 Thread Diva Canto 
Unless you implemented your own authorization service, the 
RemoteAuthorizationServicesConnector does absolutely nothing.


On 3/17/2012 11:12 AM, Argus wrote:

Hi Diva

 Interessting new settings which i could use

 I see in the GridCommon.ini that you added AuthorizationServices = 
"LocalAuthorizationServicesConnector". I am already using the 
"RemoteAuthorizationServicesConnector" in a few other projects. Taking 
a glance at the code both will not work together, right?


Michelle


Am 17.03.2012 18:15, schrieb Diva Canto:

Hi all,

I just committed a piece of code that performs access control in more 
ways than what is currently expressable by viewers. Specifically, it 
allows region operators to specify things like

DisallowForeigners -- what it says
DisallowResidents -- only admins and managers allowed in the region

This is on a per-region basis, so you can have a simulator with 
several regions, each one ruled by a different policy.


If there are other policies that make sense, please let me know. 
Also, DisallowResidents may be redundant with groups in place. But as 
far as I can see, without a groups service in place, there is no way 
to express that kind of access control, and I think that kind of 
control is important.


This is the beginning of supporting rich access control policies in a 
federation scenario.


http://opensimulator.org/viewgit/?a=commit&p=opensim&h=33c14cb107ecb67a3e971d6adaab17d173d52747 



Feedback welcome.

Diva

___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev



___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev




___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev

Re: [Opensim-dev] Coming up: region access control

2012-03-19 Thread Cristina Videira Lopes 
No. Not without some coding to integrate both, which you can easily do 
if that's what you want.


On 3/19/2012 10:13 AM, Argus wrote:
So is it possible to have LocalAuthorizationServicesConnector AND 
RemoteAuthorizationServicesConnector running at the same time or not?


Am 17.03.2012 22:26, schrieb Diva Canto:
Unless you implemented your own authorization service, the 
RemoteAuthorizationServicesConnector does absolutely nothing.


On 3/17/2012 11:12 AM, Argus wrote:

Hi Diva

 Interessting new settings which i could use

 I see in the GridCommon.ini that you added AuthorizationServices = 
"LocalAuthorizationServicesConnector". I am already using the 
"RemoteAuthorizationServicesConnector" in a few other projects. 
Taking a glance at the code both will not work together, right?


Michelle


Am 17.03.2012 18:15, schrieb Diva Canto:

Hi all,

I just committed a piece of code that performs access control in 
more ways than what is currently expressable by viewers. 
Specifically, it allows region operators to specify things like

DisallowForeigners -- what it says
DisallowResidents -- only admins and managers allowed in the region

This is on a per-region basis, so you can have a simulator with 
several regions, each one ruled by a different policy.


If there are other policies that make sense, please let me know. 
Also, DisallowResidents may be redundant with groups in place. But 
as far as I can see, without a groups service in place, there is no 
way to express that kind of access control, and I think that kind 
of control is important.


This is the beginning of supporting rich access control policies in 
a federation scenario.


http://opensimulator.org/viewgit/?a=commit&p=opensim&h=33c14cb107ecb67a3e971d6adaab17d173d52747 



Feedback welcome.

Diva

___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev



___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev




___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev



___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev

___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev

Re: [Opensim-dev] Coming up: region access control

2012-03-18 Thread BlueWall 
Nice. Also testing the email lists :)

On Sat, 2012-03-17 at 14:26 -0700, Diva Canto wrote:
> Unless you implemented your own authorization service, the 
> RemoteAuthorizationServicesConnector does absolutely nothing.
> 
> On 3/17/2012 11:12 AM, Argus wrote:
> > Hi Diva
> >
> >  Interessting new settings which i could use
> >
> >  I see in the GridCommon.ini that you added AuthorizationServices = 
> > "LocalAuthorizationServicesConnector". I am already using the 
> > "RemoteAuthorizationServicesConnector" in a few other projects. Taking 
> > a glance at the code both will not work together, right?
> >
> > Michelle
> >
> >
> > Am 17.03.2012 18:15, schrieb Diva Canto:
> >> Hi all,
> >>
> >> I just committed a piece of code that performs access control in more 
> >> ways than what is currently expressable by viewers. Specifically, it 
> >> allows region operators to specify things like
> >> DisallowForeigners -- what it says
> >> DisallowResidents -- only admins and managers allowed in the region
> >>
> >> This is on a per-region basis, so you can have a simulator with 
> >> several regions, each one ruled by a different policy.
> >>
> >> If there are other policies that make sense, please let me know. 
> >> Also, DisallowResidents may be redundant with groups in place. But as 
> >> far as I can see, without a groups service in place, there is no way 
> >> to express that kind of access control, and I think that kind of 
> >> control is important.
> >>
> >> This is the beginning of supporting rich access control policies in a 
> >> federation scenario.
> >>
> >> http://opensimulator.org/viewgit/?a=commit&p=opensim&h=33c14cb107ecb67a3e971d6adaab17d173d52747
> >>  
> >>
> >>
> >> Feedback welcome.
> >>
> >> Diva
> >>
> >> ___
> >> Opensim-dev mailing list
> >> Opensim-dev@lists.berlios.de
> >> https://lists.berlios.de/mailman/listinfo/opensim-dev
> >>
> >
> > ___
> > Opensim-dev mailing list
> > Opensim-dev@lists.berlios.de
> > https://lists.berlios.de/mailman/listinfo/opensim-dev
> >
> >
> 
> ___
> Opensim-dev mailing list
> Opensim-dev@lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev


___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev

Re: [Opensim-dev] Coming up: region access control

2012-03-17 Thread Argus 

Hi Diva

 Interessting new settings which i could use

 I see in the GridCommon.ini that you added AuthorizationServices = 
"LocalAuthorizationServicesConnector". I am already using the 
"RemoteAuthorizationServicesConnector" in a few other projects. Taking a 
glance at the code both will not work together, right?


Michelle


Am 17.03.2012 18:15, schrieb Diva Canto:

Hi all,

I just committed a piece of code that performs access control in more 
ways than what is currently expressable by viewers. Specifically, it 
allows region operators to specify things like

DisallowForeigners -- what it says
DisallowResidents -- only admins and managers allowed in the region

This is on a per-region basis, so you can have a simulator with 
several regions, each one ruled by a different policy.


If there are other policies that make sense, please let me know. Also, 
DisallowResidents may be redundant with groups in place. But as far as 
I can see, without a groups service in place, there is no way to 
express that kind of access control, and I think that kind of control 
is important.


This is the beginning of supporting rich access control policies in a 
federation scenario.


http://opensimulator.org/viewgit/?a=commit&p=opensim&h=33c14cb107ecb67a3e971d6adaab17d173d52747 



Feedback welcome.

Diva

___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev



___
Opensim-dev mailing list
Opensim-dev@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev