diff options
author | Melanie | 2010-11-25 20:34:55 +0100 |
---|---|---|
committer | Melanie | 2010-11-25 20:34:55 +0100 |
commit | ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9 (patch) | |
tree | bae269d89f90c22159946c494048293d1c6a9aa8 /OpenSim/Services/AuthenticationService | |
parent | Export the module interface for restart (diff) | |
download | opensim-SC-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.zip opensim-SC-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.tar.gz opensim-SC-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.tar.bz2 opensim-SC-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.tar.xz |
Add the ability for gods to impersonate users. For this, bit 6 needs to be
set in the target's UserFlags and the impersonator must have UserLevel 200
or above. The user can then log in using the target's name and their own
password.
Diffstat (limited to '')
3 files changed, 68 insertions, 7 deletions
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs index edc1097..5980f0c 100644 --- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs +++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs | |||
@@ -31,6 +31,8 @@ using log4net; | |||
31 | using Nini.Config; | 31 | using Nini.Config; |
32 | using System.Reflection; | 32 | using System.Reflection; |
33 | using OpenSim.Services.Base; | 33 | using OpenSim.Services.Base; |
34 | using OpenSim.Server.Base; | ||
35 | using OpenSim.Services.Interfaces; | ||
34 | using OpenSim.Data; | 36 | using OpenSim.Data; |
35 | using OpenSim.Framework; | 37 | using OpenSim.Framework; |
36 | 38 | ||
@@ -49,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService | |||
49 | MethodBase.GetCurrentMethod().DeclaringType); | 51 | MethodBase.GetCurrentMethod().DeclaringType); |
50 | 52 | ||
51 | protected IAuthenticationData m_Database; | 53 | protected IAuthenticationData m_Database; |
54 | protected IUserAccountService m_UserAccountService = null; | ||
55 | |||
56 | public AuthenticationServiceBase(IConfigSource config, IUserAccountService acct) : this(config) | ||
57 | { | ||
58 | m_UserAccountService = acct; | ||
59 | } | ||
52 | 60 | ||
53 | public AuthenticationServiceBase(IConfigSource config) : base(config) | 61 | public AuthenticationServiceBase(IConfigSource config) : base(config) |
54 | { | 62 | { |
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs index 17619ff..cf7496f 100644 --- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs | |||
@@ -51,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService | |||
51 | LogManager.GetLogger( | 51 | LogManager.GetLogger( |
52 | MethodBase.GetCurrentMethod().DeclaringType); | 52 | MethodBase.GetCurrentMethod().DeclaringType); |
53 | 53 | ||
54 | public PasswordAuthenticationService(IConfigSource config, IUserAccountService userService) : | ||
55 | base(config, userService) | ||
56 | { | ||
57 | m_log.Debug("[AUTH SERVICE]: Started with User Account access"); | ||
58 | } | ||
59 | |||
54 | public PasswordAuthenticationService(IConfigSource config) : | 60 | public PasswordAuthenticationService(IConfigSource config) : |
55 | base(config) | 61 | base(config) |
56 | { | 62 | { |
@@ -58,28 +64,70 @@ namespace OpenSim.Services.AuthenticationService | |||
58 | 64 | ||
59 | public string Authenticate(UUID principalID, string password, int lifetime) | 65 | public string Authenticate(UUID principalID, string password, int lifetime) |
60 | { | 66 | { |
67 | m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null); | ||
61 | AuthenticationData data = m_Database.Get(principalID); | 68 | AuthenticationData data = m_Database.Get(principalID); |
69 | UserAccount user = null; | ||
70 | if (m_UserAccountService != null) | ||
71 | user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID); | ||
72 | |||
73 | if (data == null || data.Data == null) | ||
74 | { | ||
75 | m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID); | ||
76 | return String.Empty; | ||
77 | } | ||
78 | |||
79 | if (!data.Data.ContainsKey("passwordHash") || | ||
80 | !data.Data.ContainsKey("passwordSalt")) | ||
81 | { | ||
82 | return String.Empty; | ||
83 | } | ||
84 | |||
85 | string hashed = Util.Md5Hash(password + ":" + | ||
86 | data.Data["passwordSalt"].ToString()); | ||
87 | |||
88 | m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString()); | ||
62 | 89 | ||
63 | if (data != null && data.Data != null) | 90 | if (data.Data["passwordHash"].ToString() == hashed) |
64 | { | 91 | { |
65 | if (!data.Data.ContainsKey("passwordHash") || | 92 | return GetToken(principalID, lifetime); |
93 | } | ||
94 | |||
95 | if (user == null) | ||
96 | { | ||
97 | m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID); | ||
98 | return String.Empty; | ||
99 | } | ||
100 | |||
101 | int impersonateFlag = 1 << 6; | ||
102 | |||
103 | if ((user.UserFlags & impersonateFlag) == 0) | ||
104 | return String.Empty; | ||
105 | |||
106 | List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200"); | ||
107 | if (accounts == null || accounts.Count == 0) | ||
108 | return String.Empty; | ||
109 | |||
110 | foreach (UserAccount a in accounts) | ||
111 | { | ||
112 | data = m_Database.Get(a.PrincipalID); | ||
113 | if (data == null || data.Data == null || | ||
114 | !data.Data.ContainsKey("passwordHash") || | ||
66 | !data.Data.ContainsKey("passwordSalt")) | 115 | !data.Data.ContainsKey("passwordSalt")) |
67 | { | 116 | { |
68 | return String.Empty; | 117 | continue; |
69 | } | 118 | } |
70 | 119 | ||
71 | string hashed = Util.Md5Hash(password + ":" + | 120 | hashed = Util.Md5Hash(password + ":" + |
72 | data.Data["passwordSalt"].ToString()); | 121 | data.Data["passwordSalt"].ToString()); |
73 | 122 | ||
74 | m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString()); | ||
75 | |||
76 | if (data.Data["passwordHash"].ToString() == hashed) | 123 | if (data.Data["passwordHash"].ToString() == hashed) |
77 | { | 124 | { |
125 | m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID); | ||
78 | return GetToken(principalID, lifetime); | 126 | return GetToken(principalID, lifetime); |
79 | } | 127 | } |
80 | } | 128 | } |
81 | 129 | ||
82 | m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID); | 130 | m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID); |
83 | return String.Empty; | 131 | return String.Empty; |
84 | } | 132 | } |
85 | } | 133 | } |
diff --git a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs index d1a5b0f..6d9aae3 100644 --- a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs | |||
@@ -47,6 +47,11 @@ namespace OpenSim.Services.AuthenticationService | |||
47 | // LogManager.GetLogger( | 47 | // LogManager.GetLogger( |
48 | // MethodBase.GetCurrentMethod().DeclaringType); | 48 | // MethodBase.GetCurrentMethod().DeclaringType); |
49 | 49 | ||
50 | public WebkeyAuthenticationService(IConfigSource config, IUserAccountService userService) : | ||
51 | base(config, userService) | ||
52 | { | ||
53 | } | ||
54 | |||
50 | public WebkeyAuthenticationService(IConfigSource config) : | 55 | public WebkeyAuthenticationService(IConfigSource config) : |
51 | base(config) | 56 | base(config) |
52 | { | 57 | { |