[Opensim-dev] User Authentication

Hi, I'm about to start tightening the ropes for the Hypergrid in order to make it safer, and also make safer some loose ends of OpenSim without HG, and I would appreciate feedback on this. The first issue that needs to be addressed is the issue of user authentication. The regions need to be ab

Re: [Opensim-dev] User Authentication

Hello I got promising link from yesterday from Ryan (sempuki): http://dev.aol.com/OpenidTokenExchange That seems to be developed to solve exactly this problem. First point of authentication fetches tokens from token exchange, passes those temporary tokens to other components which use them to va

Re: [Opensim-dev] User Authentication

s and offer my whole hearted support to encourage folks to test it *before* I get up one morning and find "Wright Plaza" is a smoking hole in the ground. Charles Krinke From: Diva Canto To: opensim-dev@lists.berlios.de Sent: Monday, Februar

Re: [Opensim-dev] User Authentication

Tommi Laukkanen kirjoitti: > I got promising link from yesterday from Ryan (sempuki): > http://dev.aol.com/OpenidTokenExchange > That seems to be developed to solve exactly this problem. First point > of authentication fetches tokens from token yep and a token is also what the original / current

Re: [Opensim-dev] User Authentication

Auftrag von Toni Alatalo Gesendet: Mo 23.02.2009 21:37 An: opensim-dev@lists.berlios.de Betreff: Re: [Opensim-dev] User Authentication Tommi Laukkanen kirjoitti: > I got promising link from yesterday from Ryan (sempuki): > http://dev.aol.com/OpenidTokenExchange > That seems to be dev

Re: [Opensim-dev] User Authentication

t; -Ursprüngliche Nachricht- > Von: opensim-dev-boun...@lists.berlios.de im Auftrag von Toni Alatalo > Gesendet: Mo 23.02.2009 21:37 > An: opensim-dev@lists.berlios.de > Betreff: Re: [Opensim-dev] User Authentication > > Tommi Laukkanen kirjoitti: > >> I got

Re: [Opensim-dev] User Authentication

As we cannot change the viewer at the moment one could use the opensim login code to create the token... regards, Tommi ___ Opensim-dev mailing list Opensim-dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/opensim-dev

Re: [Opensim-dev] User Authentication

uftrag von Tommi Laukkanen Gesendet: Montag, 23. Februar 2009 22:03 An: opensim-dev@lists.berlios.de Betreff: Re: [Opensim-dev] User Authentication As we cannot change the viewer at the moment one could use the opensim login code to create the token... regar

Re: [Opensim-dev] User Authentication

You could use the LLClientView to do it as well. So other protocols (MXP) with their own client views could go directly to proper model. ___ Opensim-dev mailing list Opensim-dev@lists.berlios.de https://lists.berlios.de/mailman/listinfo/opensim-dev

Re: [Opensim-dev] User Authentication

gration. Cheers, Ralf -- Date: Mon, 23 Feb 2009 21:48:00 +0100 From: "Dirk Krause" Subject: Re: [Opensim-dev] User Authentication To: Message-ID: <72c1c9e5780a134f896530d480f22bb702142...@hermes.bitlab.de> Content-Type: text/plain;

Re: [Opensim-dev] User Authentication

Right. The constraint here, let's not forget, is that we want to continue to reuse the LL viewer for a while. I'm going to read that doc about OpenID tokens, but if it requires participation from the viewer, forget it... We are and will continue to be in LL Viewer hacking mode in the foreseeable

Re: [Opensim-dev] User Authentication

I meant that in LLClientView login we could contact the open id token provider for token. Each ugaim could basicly implement open id token provider functionality as well in case all users are not interested to use external token provider. This would enable us to use grid based user directories as b

Re: [Opensim-dev] User Authentication

expect that time to be later this year at a minimum. Charles From: Diva Canto To: opensim-dev@lists.berlios.de Sent: Monday, February 23, 2009 2:31:25 PM Subject: Re: [Opensim-dev] User Authentication Right. The constraint here, let's not forget, is th

Re: [Opensim-dev] User Authentication

[Restoring this thread back as an opensim-dev thread -- apparently it got forwarded to the REX mailing list, and got some extra words in the subject. Whatever I'm going to do in the OpenSim code right now will assume an unmodified LL Viewer... and normal routers] Diva Canto wrote: Rephrasing m

Re: [Opensim-dev] User Authentication

Mark Malewski wrote: Just to clarify... */> Grids could provide openIDs in the form of "/**/openid.osgrid.org/users/screenname/* */"/* With all grids being independent of one another, or in the example given by John, maybe use an "openid.osgrid.org/user

Re: [Opensim-dev] User Authentication

>-Original Message- >From: opensim-dev-boun...@lists.berlios.de [mailto:opensim-dev- >boun...@lists.berlios.de] On Behalf Of Diva Canto >Sent: Monday, February 23, 2009 5:06 PM >To: opensim-dev@lists.berlios.de >Subject: Re: [Opensim-dev] User Authentication >

Re: [Opensim-dev] User Authentication

ct Charles p.s. "Sports Illuminated". I like that one. From: Diva Canto To: opensim-dev@lists.berlios.de Sent: Monday, February 23, 2009 5:05:42 PM Subject: Re: [Opensim-dev] User Authentication Mark Malewski wrote: Just to clarify... > Grids c

Re: [Opensim-dev] User Authentication

Crista, If Grid owners chose to use OpenID to allow users to authenticate (between grids) that would be a choice that a Grid owner would have to make. You can't just expect ALL grids to be wide open, without any form of interoperable secure authentication (trust) between grids, and also expect ev

Re: [Opensim-dev] User Authentication

, Hurliman, John wrote: > >-Original Message- > >From: opensim-dev-boun...@lists.berlios.de [mailto:opensim-dev- > >boun...@lists.berlios.de] On Behalf Of Diva Canto > >Sent: Monday, February 23, 2009 5:06 PM > >To: opensim-dev@lists.berlios.de &g

Re: [Opensim-dev] User Authentication

With all due respect to you and the people who find the problem of bounded interoperability interesting, that is not the problem I'm trying to solve. We have different goals. So, find a solution for your problem (not difficult, in my view, and it looks like you already found it), and those of u

Re: [Opensim-dev] User Authentication

x27; printed on it. Von: opensim-dev-boun...@lists.berlios.de [mailto:opensim-dev-boun...@lists.berlios.de] Im Auftrag von Diva Canto Gesendet: Dienstag, 24. Februar 2009 02:06 An: opensim-dev@lists.berlios.de Betreff: Re: [Opensim-dev] User Authentication Mark Malewski wrote:

Re: [Opensim-dev] User Authentication

ubject: Re: [Opensim-dev] User Authentication Right. The constraint here, let's not forget, is that we want to continue to reuse the LL viewer for a while. I'm going to read that doc about OpenID tokens, but if it requires participation from the viewer, forget it... We are and will c

Re: [Opensim-dev] User Authentication

om: d...@metaverseink.com To: opensim-dev@lists.berlios.de Subject: Re: [Opensim-dev] User Authentication Right. The constraint here, let's not forget, is that we want to continue to reuse the LL viewer for a while. I'm going to read that doc about OpenID tokens, but if it requires particip

Re: [Opensim-dev] User Authentication

n:* opensim-dev-boun...@lists.berlios.de [mailto:opensim-dev-boun...@lists.berlios.de] *Im Auftrag von *Diva Canto *Gesendet:* Dienstag, 24. Februar 2009 02:06 *An:* opensim-dev@lists.berlios.de *Betreff:* Re: [Opensim-dev] User Authentication Mark Malewski wrote: Just to clarify... /*> Grid

Re: [Opensim-dev] User Authentication

Thanks for all these ideas. As usual, talking throws everything up in the air, then it's up to whoever wants to act to pick up the interesting bits. Here's my summary and proposed action items. User authentication / security is a critical thing in interoperability, and it requires a serious com

Re: [Opensim-dev] User Authentication

Hi, On Tue, 24 Feb 2009 19:54:16 -0800 Diva Canto wrote: > * Within a few days: write a simple [optional] > UserAuthenticationModule along the lines of option a) that does the > following: upon a NewUserConnection, regions will check with the > incoming user's User server that the declared user

Re: [Opensim-dev] User Authentication

Mike Mazur wrote: Hi, On Tue, 24 Feb 2009 19:54:16 -0800 Diva Canto wrote: * Within a few days: write a simple [optional] UserAuthenticationModule along the lines of option a) that does the following: upon a NewUserConnection, regions will check with the incoming user's User server that t

Re: [Opensim-dev] User Authentication

Behalf Of Diva Canto Sent: Tuesday, 24 February 2009 9:03 PM To: opensim-dev@lists.berlios.de Subject: Re: [Opensim-dev] User Authentication Mike Mazur wrote: Hi, On Tue, 24 Feb 2009 19:54:16 -0800 Diva Canto <mailto:d...@metaverseink.com> wrote: * Within a few days: write a simple [op

Re: [Opensim-dev] User Authentication

pproach has worked well for us and our clients. > > > Most of the code for these options are actually already out there in various > scattered projects. > > > Best regards, > Stefan Andersson > Tribal Media AB > > > > > > > Date: Mon, 23 Feb

Re: [Opensim-dev] User Authentication

data.com > To: opensim-dev@lists.berlios.de > Subject: Re: [Opensim-dev] User Authentication > > Hi, > > extra Client-Software may work well for Tribal, but who would want > to maintain Windows, Linux and Mac versions of this? > I believe Tribal's launcher is Windows

Re: [Opensim-dev] User Authentication

packets in too. Adam *From:* opensim-dev-boun...@lists.berlios.de [mailto:opensim-dev-boun...@lists.berlios.de] *On Behalf Of *Diva Canto *Sent:* Tuesday, 24 February 2009 9:03 PM *To:* opensim-dev@lists.berlios.de *Subject:* Re: [Opensim-dev] User Authentication Mike Mazur wrote: Hi,

Re: [Opensim-dev] User Authentication

regards, Stefan Andersson Tribal Media AB > Date: Wed, 25 Feb 2009 08:13:48 + > From: mela...@t-data.com > To: opensim-dev@lists.berlios.de > Subject: Re: [Opensim-dev] User Authentication > > Hi, > > extra Client-Software may work well for Tribal, but who would want >

Re: [Opensim-dev] User Authentication

Diva Canto wrote: > Mike Mazur wrote: >> Hi, >> >> On Tue, 24 Feb 2009 19:54:16 -0800 >> Diva Canto wrote: >> >> >>> * Within a few days: write a simple [optional] >>> UserAuthenticationModule along the lines of option a) that does the >>> following: upon a NewUserConnection, regions will che

Re: [Opensim-dev] User Authentication

Justin Clark-Casey wrote: Just so I'm clear, your new scheme proposes the following steps? 1) When a client enters a new region (whether by initial login, teleport or region crossing), the region server will ask the user server if the IP given by the client matches that which it has previously

Re: [Opensim-dev] User Authentication

>-Original Message- >From: opensim-dev-boun...@lists.berlios.de [mailto:opensim-dev- >boun...@lists.berlios.de] On Behalf Of Justin Clark-Casey >Sent: Wednesday, February 25, 2009 9:18 AM >To: opensim-dev@lists.berlios.de >Subject: Re: [Opensim-dev] User Authentication &

Re: [Opensim-dev] User Authentication

s.de] On Behalf Of Justin Clark-Casey Sent: Wednesday, February 25, 2009 9:18 AM To: opensim-dev@lists.berlios.de Subject: Re: [Opensim-dev] User Authentication Diva Canto wrote: Mike Mazur wrote: Hi, On Tue, 24 Feb 2009 19:54:16 -0800 Diva Canto wrote: * Within a

Re: [Opensim-dev] User Authentication

Diva Canto wrote: > Justin Clark-Casey wrote: >> Just so I'm clear, your new scheme proposes the following steps? >> 1) When a client enters a new region (whether by initial login, teleport or >> region crossing), the region server will >> ask the user server if the IP given by the client matche

Re: [Opensim-dev] User Authentication

gt;> From: opensim-dev-boun...@lists.berlios.de [mailto:opensim-dev- >>> boun...@lists.berlios.de] On Behalf Of Justin Clark-Casey >>> Sent: Wednesday, February 25, 2009 9:18 AM >>> To: opensim-dev@lists.berlios.de >>> Subject: Re: [Opensim-dev] User Authentication >>>

Re: [Opensim-dev] User Authentication

Justin Clark-Casey wrote: > I must admit, I'm surprised that the spoofer can receive the packet at all if > it's being sent to the IP given (the > spoofed one). But I shall bow to those with superior raw sockets knowledge > than myself The spoofer can't receive the packet sent from the server,

Re: [Opensim-dev] User Authentication

Diva Canto wrote: > Justin Clark-Casey wrote: >> I must admit, I'm surprised that the spoofer can receive the packet at all >> if it's being sent to the IP given (the >> spoofed one). But I shall bow to those with superior raw sockets knowledge >> than myself > > The spoofer can't receive the

Re: [Opensim-dev] User Authentication

Melanie wrote: > Hi, > > extra Client-Software may work well for Tribal, but who would want > to maintain Windows, Linux and Mac versions of this? > I believe Tribal's launcher is Windows only, that makes it somewhat > easier, but seeing that many devs are on Linux, locking out all > Linuxers l

Re: [Opensim-dev] User Authentication

Stefan Andersson wrote: > Melanie, > > I wasn't suggesting the use of our client software, I was describing a > solution that has worked well for us. I believe that there are some > issues that simply can't be solved with an unhacked sl viewer, and this > would be a nice base to work around it. >