aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Services/AuthenticationService
diff options
context:
space:
mode:
Diffstat (limited to 'OpenSim/Services/AuthenticationService')
-rw-r--r--OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs9
-rw-r--r--OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs91
-rw-r--r--OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs12
-rw-r--r--OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs16
4 files changed, 106 insertions, 22 deletions
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
index 229f557..e42f9a0 100644
--- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
+++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
@@ -30,10 +30,11 @@ using OpenMetaverse;
30using log4net; 30using log4net;
31using Nini.Config; 31using Nini.Config;
32using System.Reflection; 32using System.Reflection;
33using OpenSim.Server.Base;
34using OpenSim.Services.Interfaces;
33using OpenSim.Data; 35using OpenSim.Data;
34using OpenSim.Framework; 36using OpenSim.Framework;
35using OpenSim.Services.Base; 37using OpenSim.Services.Base;
36using OpenSim.Services.Interfaces;
37 38
38namespace OpenSim.Services.AuthenticationService 39namespace OpenSim.Services.AuthenticationService
39{ 40{
@@ -50,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
50 MethodBase.GetCurrentMethod().DeclaringType); 51 MethodBase.GetCurrentMethod().DeclaringType);
51 52
52 protected IAuthenticationData m_Database; 53 protected IAuthenticationData m_Database;
54 protected IUserAccountService m_UserAccountService = null;
55
56 public AuthenticationServiceBase(IConfigSource config, IUserAccountService acct) : this(config)
57 {
58 m_UserAccountService = acct;
59 }
53 60
54 public AuthenticationServiceBase(IConfigSource config) : base(config) 61 public AuthenticationServiceBase(IConfigSource config) : base(config)
55 { 62 {
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 5f1bde1..9d12d47 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -51,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
51 LogManager.GetLogger( 51 LogManager.GetLogger(
52 MethodBase.GetCurrentMethod().DeclaringType); 52 MethodBase.GetCurrentMethod().DeclaringType);
53 53
54 public PasswordAuthenticationService(IConfigSource config, IUserAccountService userService) :
55 base(config, userService)
56 {
57 m_log.Debug("[AUTH SERVICE]: Started with User Account access");
58 }
59
54 public PasswordAuthenticationService(IConfigSource config) : 60 public PasswordAuthenticationService(IConfigSource config) :
55 base(config) 61 base(config)
56 { 62 {
@@ -58,42 +64,91 @@ namespace OpenSim.Services.AuthenticationService
58 64
59 public string Authenticate(UUID principalID, string password, int lifetime) 65 public string Authenticate(UUID principalID, string password, int lifetime)
60 { 66 {
67 UUID realID;
68
69 return Authenticate(principalID, password, lifetime, out realID);
70 }
71
72 public string Authenticate(UUID principalID, string password, int lifetime, out UUID realID)
73 {
74 realID = UUID.Zero;
75
76 m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
61 AuthenticationData data = m_Database.Get(principalID); 77 AuthenticationData data = m_Database.Get(principalID);
78 UserAccount user = null;
79 if (m_UserAccountService != null)
80 user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
62 81
63 if (data == null) 82 if (data == null || data.Data == null)
64 { 83 {
65 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} not found", principalID); 84 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
66 return String.Empty; 85 return String.Empty;
67 } 86 }
68 else if (data.Data == null) 87
88 if (!data.Data.ContainsKey("passwordHash") ||
89 !data.Data.ContainsKey("passwordSalt"))
69 { 90 {
70 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} data not found", principalID);
71 return String.Empty; 91 return String.Empty;
72 } 92 }
73 else if (!data.Data.ContainsKey("passwordHash") || !data.Data.ContainsKey("passwordSalt")) 93
94 string hashed = Util.Md5Hash(password + ":" +
95 data.Data["passwordSalt"].ToString());
96
97 m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
98
99 if (data.Data["passwordHash"].ToString() == hashed)
100 {
101 return GetToken(principalID, lifetime);
102 }
103
104 if (user == null)
74 { 105 {
75 m_log.DebugFormat( 106 m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
76 "[AUTH SERVICE]: PrincipalID {0} data didn't contain either passwordHash or passwordSalt", principalID);
77 return String.Empty; 107 return String.Empty;
78 } 108 }
79 else 109
110 int impersonateFlag = 1 << 6;
111
112 if ((user.UserFlags & impersonateFlag) == 0)
113 return String.Empty;
114
115 m_log.DebugFormat("[PASS AUTH]: Attempting impersonation");
116
117 List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
118 if (accounts == null || accounts.Count == 0)
119 return String.Empty;
120
121 foreach (UserAccount a in accounts)
80 { 122 {
81 string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString()); 123 data = m_Database.Get(a.PrincipalID);
124 if (data == null || data.Data == null ||
125 !data.Data.ContainsKey("passwordHash") ||
126 !data.Data.ContainsKey("passwordSalt"))
127 {
128 continue;
129 }
130
131// m_log.DebugFormat("[PASS AUTH]: Trying {0}", data.PrincipalID);
82 132
83 m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString()); 133 hashed = Util.Md5Hash(password + ":" +
134 data.Data["passwordSalt"].ToString());
84 135
85 if (data.Data["passwordHash"].ToString() == hashed) 136 if (data.Data["passwordHash"].ToString() == hashed)
86 { 137 {
138 m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
139 realID = a.PrincipalID;
87 return GetToken(principalID, lifetime); 140 return GetToken(principalID, lifetime);
88 } 141 }
89 else 142// else
90 { 143// {
91 m_log.DebugFormat( 144// m_log.DebugFormat(
92 "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.", 145// "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.",
93 hashed, data.Data["passwordHash"], principalID); 146// hashed, data.Data["passwordHash"], data.PrincipalID);
94 return String.Empty; 147// }
95 }
96 } 148 }
149
150 m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
151 return String.Empty;
97 } 152 }
98 } 153 }
99} \ No newline at end of file 154}
diff --git a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
index 2344c0e..47b4fa6 100644
--- a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
@@ -49,12 +49,24 @@ namespace OpenSim.Services.AuthenticationService
49 private static readonly ILog m_log = 49 private static readonly ILog m_log =
50 LogManager.GetLogger( 50 LogManager.GetLogger(
51 MethodBase.GetCurrentMethod().DeclaringType); 51 MethodBase.GetCurrentMethod().DeclaringType);
52
53 public WebkeyAuthenticationService(IConfigSource config, IUserAccountService userService) :
54 base(config, userService)
55 {
56 }
52 57
53 public WebkeyAuthenticationService(IConfigSource config) : 58 public WebkeyAuthenticationService(IConfigSource config) :
54 base(config) 59 base(config)
55 { 60 {
56 } 61 }
57 62
63 public string Authenticate(UUID principalID, string password, int lifetime, out UUID realID)
64 {
65 realID = UUID.Zero;
66
67 return Authenticate(principalID, password, lifetime);
68 }
69
58 public string Authenticate(UUID principalID, string password, int lifetime) 70 public string Authenticate(UUID principalID, string password, int lifetime)
59 { 71 {
60 if (new UUID(password) == UUID.Zero) 72 if (new UUID(password) == UUID.Zero)
diff --git a/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs
index 2c6cebd..7fbf36d 100644
--- a/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs
@@ -55,6 +55,13 @@ namespace OpenSim.Services.AuthenticationService
55 55
56 public string Authenticate(UUID principalID, string password, int lifetime) 56 public string Authenticate(UUID principalID, string password, int lifetime)
57 { 57 {
58 UUID realID;
59
60 return Authenticate(principalID, password, lifetime, out realID);
61 }
62
63 public string Authenticate(UUID principalID, string password, int lifetime, out UUID realID)
64 {
58 AuthenticationData data = m_Database.Get(principalID); 65 AuthenticationData data = m_Database.Get(principalID);
59 string result = String.Empty; 66 string result = String.Empty;
60 if (data != null && data.Data != null) 67 if (data != null && data.Data != null)
@@ -62,7 +69,7 @@ namespace OpenSim.Services.AuthenticationService
62 if (data.Data.ContainsKey("webLoginKey")) 69 if (data.Data.ContainsKey("webLoginKey"))
63 { 70 {
64 m_log.DebugFormat("[AUTH SERVICE]: Attempting web key authentication for PrincipalID {0}", principalID); 71 m_log.DebugFormat("[AUTH SERVICE]: Attempting web key authentication for PrincipalID {0}", principalID);
65 result = m_svcChecks["web_login_key"].Authenticate(principalID, password, lifetime); 72 result = m_svcChecks["web_login_key"].Authenticate(principalID, password, lifetime, out realID);
66 if (result == String.Empty) 73 if (result == String.Empty)
67 { 74 {
68 m_log.DebugFormat("[AUTH SERVICE]: Web Login failed for PrincipalID {0}", principalID); 75 m_log.DebugFormat("[AUTH SERVICE]: Web Login failed for PrincipalID {0}", principalID);
@@ -71,12 +78,15 @@ namespace OpenSim.Services.AuthenticationService
71 if (result == string.Empty && data.Data.ContainsKey("passwordHash") && data.Data.ContainsKey("passwordSalt")) 78 if (result == string.Empty && data.Data.ContainsKey("passwordHash") && data.Data.ContainsKey("passwordSalt"))
72 { 79 {
73 m_log.DebugFormat("[AUTH SERVICE]: Attempting password authentication for PrincipalID {0}", principalID); 80 m_log.DebugFormat("[AUTH SERVICE]: Attempting password authentication for PrincipalID {0}", principalID);
74 result = m_svcChecks["password"].Authenticate(principalID, password, lifetime); 81 result = m_svcChecks["password"].Authenticate(principalID, password, lifetime, out realID);
75 if (result == String.Empty) 82 if (result == String.Empty)
76 { 83 {
77 m_log.DebugFormat("[AUTH SERVICE]: Password login failed for PrincipalID {0}", principalID); 84 m_log.DebugFormat("[AUTH SERVICE]: Password login failed for PrincipalID {0}", principalID);
78 } 85 }
79 } 86 }
87
88 realID = UUID.Zero;
89
80 if (result == string.Empty) 90 if (result == string.Empty)
81 { 91 {
82 m_log.DebugFormat("[AUTH SERVICE]: Both password and webLoginKey-based authentication failed for PrincipalID {0}", principalID); 92 m_log.DebugFormat("[AUTH SERVICE]: Both password and webLoginKey-based authentication failed for PrincipalID {0}", principalID);
@@ -89,4 +99,4 @@ namespace OpenSim.Services.AuthenticationService
89 return result; 99 return result;
90 } 100 }
91 } 101 }
92} \ No newline at end of file 102}