Add option to allow remote http calls to setpassword in the AuthenticationService.

This is switched on by setting AllowSetPassword = true in the [AuthenticationService] section of Robust.ini or Robust.HG.ini Default is false as before.
author: Justin Clark-Casey (justincc) 2011-10-19 19:01:57 +0100
committer: Justin Clark-Casey (justincc) 2011-10-19 19:03:17 +0100
commit: d9184eceab5ff9087801b0f0d447dec2f5227a50 (patch)
tree: 18f4a8125c67fd86db53106f798b52296bb44ab3
parent: Slightly change log message in LoadRegionsPlugin (diff)
download: opensim-SC_OLD-d9184eceab5ff9087801b0f0d447dec2f5227a50.zip
opensim-SC_OLD-d9184eceab5ff9087801b0f0d447dec2f5227a50.tar.gz
opensim-SC_OLD-d9184eceab5ff9087801b0f0d447dec2f5227a50.tar.bz2
opensim-SC_OLD-d9184eceab5ff9087801b0f0d447dec2f5227a50.tar.xz
4 files changed, 58 insertions, 27 deletions
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
index adb1e5b..848a037 100644
--- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
@@ -58,7 +58,7 @@ namespace OpenSim.Server.Handlers.Authentication
            Object[] args = new Object[] { config };
            m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);
-            server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService));
+            server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService, serverConfig));
        }
    }
 }
diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
index 47bc860..ae71945 100644
--- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -49,11 +49,20 @@ namespace OpenSim.Server.Handlers.Authentication
        // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
        private IAuthenticationService m_AuthenticationService;
+        private bool m_AllowSetPassword = false;
        public AuthenticationServerPostHandler(IAuthenticationService service) :
+                this(service, null) {}
+        public AuthenticationServerPostHandler(IAuthenticationService service, IConfig config) :
                base("POST", "/auth")
        {
            m_AuthenticationService = service;
+            if (config != null)
+            {
+                m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
+            }
        }
        public override byte[] Handle(string path, Stream request,
@@ -113,31 +122,45 @@ namespace OpenSim.Server.Handlers.Authentication
            switch (method)
            {
-            case "authenticate":
+                case "authenticate":
-                if (!request.ContainsKey("PASSWORD"))
+                    if (!request.ContainsKey("PASSWORD"))
+                        return FailureResult();
+                    
+                    token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
+    
+                    if (token != String.Empty)
+                        return SuccessResult(token);
                    return FailureResult();
-                
+    
-                token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
+                case "setpassword":
+                    if (!m_AllowSetPassword)
-                if (token != String.Empty)
+                        return FailureResult();
-                    return SuccessResult(token);
-                return FailureResult();
+                    if (!request.ContainsKey("PASSWORD"))
-            case "verify":
+                        return FailureResult();
-                if (!request.ContainsKey("TOKEN"))
+    
+                    if (m_AuthenticationService.SetPassword(principalID, request["PASSWORD"].ToString()))
+                        return SuccessResult();
+                    else
+                        return FailureResult();
+    
+                case "verify":
+                    if (!request.ContainsKey("TOKEN"))
+                        return FailureResult();
+                    
+                    if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
+                        return SuccessResult();
+    
                    return FailureResult();
-                
+    
-                if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
+                case "release":
-                    return SuccessResult();
+                    if (!request.ContainsKey("TOKEN"))
+                        return FailureResult();
-                return FailureResult();
+    
-            case "release":
+                    if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
-                if (!request.ContainsKey("TOKEN"))
+                        return SuccessResult();
+    
                    return FailureResult();
-                if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
-                    return SuccessResult();
-                return FailureResult();
            }
            return FailureResult();
diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example
index 5958fc1..aed1d33 100644
--- a/bin/Robust.HG.ini.example
+++ b/bin/Robust.HG.ini.example
@@ -146,6 +146,10 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
    LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
    ; Realm = "useraccounts"
+    ;; Allow the service to process HTTP setpassword calls.
+    ;; Default is false.
+    ; AllowSetPassword = false
 [OpenIdService]
    ; for the server connector
    AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
@@ -173,11 +177,11 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
    ;; Default is false
    ; CreateDefaultAvatarEntries = false
-    ;; Allow the service to process HTTP create user calls.
+    ;; Allow the service to process HTTP createuser calls.
    ;; Default is false.
    ; AllowCreateUser = false
-    ;; Allow the service to process HTTP set account calls.
+    ;; Allow the service to process HTTP setaccount calls.
    ;; Default is false.
    ; AllowSetAccount = false
diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example
index 2c8770a..522cc56 100644
--- a/bin/Robust.ini.example
+++ b/bin/Robust.ini.example
@@ -129,6 +129,10 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
    ; for the server connector
    LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
+    ;; Allow the service to process HTTP setpassword calls.
+    ;; Default is false.
+    ; AllowSetPassword = false
 [OpenIdService]
    ; for the server connector
    AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
@@ -156,11 +160,11 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
    ;; Default is false
    ; CreateDefaultAvatarEntries = false
-    ;; Allow the service to process HTTP create user calls.
+    ;; Allow the service to process HTTP createuser calls.
    ;; Default is false.
    ; AllowCreateUser = false
-    ;; Allow the service to process HTTP set account calls.
+    ;; Allow the service to process HTTP setaccount calls.
    ;; Default is false.
    ; AllowSetAccount = false
author	Justin Clark-Casey (justincc)	2011-10-19 19:01:57 +0100
committer	Justin Clark-Casey (justincc)	2011-10-19 19:03:17 +0100
commit	d9184eceab5ff9087801b0f0d447dec2f5227a50 (patch)
tree	18f4a8125c67fd86db53106f798b52296bb44ab3
parent	Slightly change log message in LoadRegionsPlugin (diff)
download	opensim-SC_OLD-d9184eceab5ff9087801b0f0d447dec2f5227a50.zip opensim-SC_OLD-d9184eceab5ff9087801b0f0d447dec2f5227a50.tar.gz opensim-SC_OLD-d9184eceab5ff9087801b0f0d447dec2f5227a50.tar.bz2 opensim-SC_OLD-d9184eceab5ff9087801b0f0d447dec2f5227a50.tar.xz

diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs index adb1e5b..848a037 100644 --- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
@@ -58,7 +58,7 @@ namespace OpenSim.Server.Handlers.Authentication
58	Object[] args = new Object[] { config };	58	Object[] args = new Object[] { config };
59	m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);	59	m_AuthenticationService = ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);
60		60
61	server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService));	61	server.AddStreamHandler(new AuthenticationServerPostHandler(m_AuthenticationService, serverConfig));
62	}	62	}
63	}	63	}
64	}	64	}


diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs index 47bc860..ae71945 100644 --- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs +++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -49,11 +49,20 @@ namespace OpenSim.Server.Handlers.Authentication
49	// private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);	49	// private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
50		50
51	private IAuthenticationService m_AuthenticationService;	51	private IAuthenticationService m_AuthenticationService;
		52	private bool m_AllowSetPassword = false;
52		53
53	public AuthenticationServerPostHandler(IAuthenticationService service) :	54	public AuthenticationServerPostHandler(IAuthenticationService service) :
		55	this(service, null) {}
		56
		57	public AuthenticationServerPostHandler(IAuthenticationService service, IConfig config) :
54	base("POST", "/auth")	58	base("POST", "/auth")
55	{	59	{
56	m_AuthenticationService = service;	60	m_AuthenticationService = service;
		61
		62	if (config != null)
		63	{
		64	m_AllowSetPassword = config.GetBoolean("AllowSetPassword", m_AllowSetPassword);
		65	}
57	}	66	}
58		67
59	public override byte[] Handle(string path, Stream request,	68	public override byte[] Handle(string path, Stream request,
@@ -113,31 +122,45 @@ namespace OpenSim.Server.Handlers.Authentication
113		122
114	switch (method)	123	switch (method)
115	{	124	{
116	case "authenticate":	125	case "authenticate":
117	if (!request.ContainsKey("PASSWORD"))	126	if (!request.ContainsKey("PASSWORD"))
		127	return FailureResult();
		128
		129	token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
		130
		131	if (token != String.Empty)
		132	return SuccessResult(token);
118	return FailureResult();	133	return FailureResult();
119		134
120	token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);	135	case "setpassword":
121		136	if (!m_AllowSetPassword)
122	if (token != String.Empty)	137	return FailureResult();
123	return SuccessResult(token);	138
124	return FailureResult();	139	if (!request.ContainsKey("PASSWORD"))
125	case "verify":	140	return FailureResult();
126	if (!request.ContainsKey("TOKEN"))	141
		142	if (m_AuthenticationService.SetPassword(principalID, request["PASSWORD"].ToString()))
		143	return SuccessResult();
		144	else
		145	return FailureResult();
		146
		147	case "verify":
		148	if (!request.ContainsKey("TOKEN"))
		149	return FailureResult();
		150
		151	if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
		152	return SuccessResult();
		153
127	return FailureResult();	154	return FailureResult();
128		155
129	if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))	156	case "release":
130	return SuccessResult();	157	if (!request.ContainsKey("TOKEN"))
131		158	return FailureResult();
132	return FailureResult();	159
133	case "release":	160	if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
134	if (!request.ContainsKey("TOKEN"))	161	return SuccessResult();
		162
135	return FailureResult();	163	return FailureResult();
136
137	if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
138	return SuccessResult();
139
140	return FailureResult();
141	}	164	}
142		165
143	return FailureResult();	166	return FailureResult();


diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example index 5958fc1..aed1d33 100644 --- a/bin/Robust.HG.ini.example +++ b/bin/Robust.HG.ini.example
@@ -146,6 +146,10 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
146	LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"	146	LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
147	; Realm = "useraccounts"	147	; Realm = "useraccounts"
148		148
		149	;; Allow the service to process HTTP setpassword calls.
		150	;; Default is false.
		151	; AllowSetPassword = false
		152
149	[OpenIdService]	153	[OpenIdService]
150	; for the server connector	154	; for the server connector
151	AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"	155	AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
@@ -173,11 +177,11 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
173	;; Default is false	177	;; Default is false
174	; CreateDefaultAvatarEntries = false	178	; CreateDefaultAvatarEntries = false
175		179
176	;; Allow the service to process HTTP create user calls.	180	;; Allow the service to process HTTP createuser calls.
177	;; Default is false.	181	;; Default is false.
178	; AllowCreateUser = false	182	; AllowCreateUser = false
179		183
180	;; Allow the service to process HTTP set account calls.	184	;; Allow the service to process HTTP setaccount calls.
181	;; Default is false.	185	;; Default is false.
182	; AllowSetAccount = false	186	; AllowSetAccount = false
183		187


diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example index 2c8770a..522cc56 100644 --- a/bin/Robust.ini.example +++ b/bin/Robust.ini.example
@@ -129,6 +129,10 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
129	; for the server connector	129	; for the server connector
130	LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"	130	LocalServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
131		131
		132	;; Allow the service to process HTTP setpassword calls.
		133	;; Default is false.
		134	; AllowSetPassword = false
		135
132	[OpenIdService]	136	[OpenIdService]
133	; for the server connector	137	; for the server connector
134	AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"	138	AuthenticationServiceModule = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
@@ -156,11 +160,11 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
156	;; Default is false	160	;; Default is false
157	; CreateDefaultAvatarEntries = false	161	; CreateDefaultAvatarEntries = false
158		162
159	;; Allow the service to process HTTP create user calls.	163	;; Allow the service to process HTTP createuser calls.
160	;; Default is false.	164	;; Default is false.
161	; AllowCreateUser = false	165	; AllowCreateUser = false
162		166
163	;; Allow the service to process HTTP set account calls.	167	;; Allow the service to process HTTP setaccount calls.
164	;; Default is false.	168	;; Default is false.
165	; AllowSetAccount = false	169	; AllowSetAccount = false
166		170