Add the ability for gods to impersonate users. For this, bit 6 needs to be

set in the target's UserFlags and the impersonator must have UserLevel 200 or above. The user can then log in using the target's name and their own password.
author: Melanie 2010-11-25 20:34:55 +0100
committer: Melanie 2010-11-25 20:34:55 +0100
commit: ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9 (patch)
tree: bae269d89f90c22159946c494048293d1c6a9aa8 /OpenSim/Services/AuthenticationService
parent: Export the module interface for restart (diff)
download: opensim-SC_OLD-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.zip
opensim-SC_OLD-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.tar.gz
opensim-SC_OLD-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.tar.bz2
opensim-SC_OLD-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.tar.xz
3 files changed, 68 insertions, 7 deletions
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
index edc1097..5980f0c 100644
--- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
+++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
@@ -31,6 +31,8 @@ using log4net;
 using Nini.Config;
 using System.Reflection;
 using OpenSim.Services.Base;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
 using OpenSim.Data;
 using OpenSim.Framework;
@@ -49,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
                MethodBase.GetCurrentMethod().DeclaringType);
 
        protected IAuthenticationData m_Database;
+        protected IUserAccountService m_UserAccountService = null;
+        public AuthenticationServiceBase(IConfigSource config, IUserAccountService acct) : this(config)
+        {
+            m_UserAccountService = acct;
+        }
        public AuthenticationServiceBase(IConfigSource config) : base(config)
        {
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 17619ff..cf7496f 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -51,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
                LogManager.GetLogger(
                MethodBase.GetCurrentMethod().DeclaringType);
 
+        public PasswordAuthenticationService(IConfigSource config, IUserAccountService userService) :
+                base(config, userService)
+        {
+            m_log.Debug("[AUTH SERVICE]: Started with User Account access");
+        }
        public PasswordAuthenticationService(IConfigSource config) :
                base(config)
        {
@@ -58,28 +64,70 @@ namespace OpenSim.Services.AuthenticationService
        public string Authenticate(UUID principalID, string password, int lifetime)
        {
+            m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
            AuthenticationData data = m_Database.Get(principalID);
+            UserAccount user = null;
+            if (m_UserAccountService != null)
+                user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
+            if (data == null || data.Data == null)
+            {
+                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
+                return String.Empty;
+            }
+            if (!data.Data.ContainsKey("passwordHash") ||
+                !data.Data.ContainsKey("passwordSalt"))
+            {
+                return String.Empty;
+            }
+            string hashed = Util.Md5Hash(password + ":" +
+                    data.Data["passwordSalt"].ToString());
+            m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
-            if (data != null && data.Data != null)
+            if (data.Data["passwordHash"].ToString() == hashed)
            {
-                if (!data.Data.ContainsKey("passwordHash") ||
+                return GetToken(principalID, lifetime);
+            }
+            if (user == null)
+            {
+                m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
+                return String.Empty;
+            }
+            int impersonateFlag = 1 << 6;
+            if ((user.UserFlags & impersonateFlag) == 0)
+                return String.Empty;
+            List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
+            if (accounts == null || accounts.Count == 0)
+                return String.Empty;
+            foreach (UserAccount a in accounts)
+            {
+                data = m_Database.Get(a.PrincipalID);
+                if (data == null || data.Data == null ||
+                    !data.Data.ContainsKey("passwordHash") ||
                    !data.Data.ContainsKey("passwordSalt"))
                {
-                    return String.Empty;
+                    continue;
                }
-                string hashed = Util.Md5Hash(password + ":" +
+                hashed = Util.Md5Hash(password + ":" +
                        data.Data["passwordSalt"].ToString());
-                m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
                if (data.Data["passwordHash"].ToString() == hashed)
                {
+                    m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
                    return GetToken(principalID, lifetime);
                }
            }
-            m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
+            m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
            return String.Empty;
        }
    }
diff --git a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
index d1a5b0f..6d9aae3 100644
--- a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
@@ -47,6 +47,11 @@ namespace OpenSim.Services.AuthenticationService
 //                LogManager.GetLogger(
 //                MethodBase.GetCurrentMethod().DeclaringType);
 
+        public WebkeyAuthenticationService(IConfigSource config, IUserAccountService userService) :
+                base(config, userService)
+        {
+        }
        public WebkeyAuthenticationService(IConfigSource config) :
                base(config)
        {
author	Melanie	2010-11-25 20:34:55 +0100
committer	Melanie	2010-11-25 20:34:55 +0100
commit	ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9 (patch)
tree	bae269d89f90c22159946c494048293d1c6a9aa8 /OpenSim/Services/AuthenticationService
parent	Export the module interface for restart (diff)
download	opensim-SC_OLD-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.zip opensim-SC_OLD-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.tar.gz opensim-SC_OLD-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.tar.bz2 opensim-SC_OLD-ee9aca9c5270e22407c3aa4aa96c76ca92f90bb9.tar.xz

diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs index edc1097..5980f0c 100644 --- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs +++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
@@ -31,6 +31,8 @@ using log4net;
31	using Nini.Config;	31	using Nini.Config;
32	using System.Reflection;	32	using System.Reflection;
33	using OpenSim.Services.Base;	33	using OpenSim.Services.Base;
		34	using OpenSim.Server.Base;
		35	using OpenSim.Services.Interfaces;
34	using OpenSim.Data;	36	using OpenSim.Data;
35	using OpenSim.Framework;	37	using OpenSim.Framework;
36		38
@@ -49,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
49	MethodBase.GetCurrentMethod().DeclaringType);	51	MethodBase.GetCurrentMethod().DeclaringType);
50		52
51	protected IAuthenticationData m_Database;	53	protected IAuthenticationData m_Database;
		54	protected IUserAccountService m_UserAccountService = null;
		55
		56	public AuthenticationServiceBase(IConfigSource config, IUserAccountService acct) : this(config)
		57	{
		58	m_UserAccountService = acct;
		59	}
52		60
53	public AuthenticationServiceBase(IConfigSource config) : base(config)	61	public AuthenticationServiceBase(IConfigSource config) : base(config)
54	{	62	{


diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs index 17619ff..cf7496f 100644 --- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -51,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
51	LogManager.GetLogger(	51	LogManager.GetLogger(
52	MethodBase.GetCurrentMethod().DeclaringType);	52	MethodBase.GetCurrentMethod().DeclaringType);
53		53
		54	public PasswordAuthenticationService(IConfigSource config, IUserAccountService userService) :
		55	base(config, userService)
		56	{
		57	m_log.Debug("[AUTH SERVICE]: Started with User Account access");
		58	}
		59
54	public PasswordAuthenticationService(IConfigSource config) :	60	public PasswordAuthenticationService(IConfigSource config) :
55	base(config)	61	base(config)
56	{	62	{
@@ -58,28 +64,70 @@ namespace OpenSim.Services.AuthenticationService
58		64
59	public string Authenticate(UUID principalID, string password, int lifetime)	65	public string Authenticate(UUID principalID, string password, int lifetime)
60	{	66	{
		67	m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
61	AuthenticationData data = m_Database.Get(principalID);	68	AuthenticationData data = m_Database.Get(principalID);
		69	UserAccount user = null;
		70	if (m_UserAccountService != null)
		71	user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
		72
		73	if (data == null \|\| data.Data == null)
		74	{
		75	m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
		76	return String.Empty;
		77	}
		78
		79	if (!data.Data.ContainsKey("passwordHash") \|\|
		80	!data.Data.ContainsKey("passwordSalt"))
		81	{
		82	return String.Empty;
		83	}
		84
		85	string hashed = Util.Md5Hash(password + ":" +
		86	data.Data["passwordSalt"].ToString());
		87
		88	m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
62		89
63	if (data != null && data.Data != null)	90	if (data.Data["passwordHash"].ToString() == hashed)
64	{	91	{
65	if (!data.Data.ContainsKey("passwordHash") \|\|	92	return GetToken(principalID, lifetime);
		93	}
		94
		95	if (user == null)
		96	{
		97	m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
		98	return String.Empty;
		99	}
		100
		101	int impersonateFlag = 1 << 6;
		102
		103	if ((user.UserFlags & impersonateFlag) == 0)
		104	return String.Empty;
		105
		106	List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
		107	if (accounts == null \|\| accounts.Count == 0)
		108	return String.Empty;
		109
		110	foreach (UserAccount a in accounts)
		111	{
		112	data = m_Database.Get(a.PrincipalID);
		113	if (data == null \|\| data.Data == null \|\|
		114	!data.Data.ContainsKey("passwordHash") \|\|
66	!data.Data.ContainsKey("passwordSalt"))	115	!data.Data.ContainsKey("passwordSalt"))
67	{	116	{
68	return String.Empty;	117	continue;
69	}	118	}
70		119
71	string hashed = Util.Md5Hash(password + ":" +	120	hashed = Util.Md5Hash(password + ":" +
72	data.Data["passwordSalt"].ToString());	121	data.Data["passwordSalt"].ToString());
73		122
74	m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
75
76	if (data.Data["passwordHash"].ToString() == hashed)	123	if (data.Data["passwordHash"].ToString() == hashed)
77	{	124	{
		125	m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
78	return GetToken(principalID, lifetime);	126	return GetToken(principalID, lifetime);
79	}	127	}
80	}	128	}
81		129
82	m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);	130	m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
83	return String.Empty;	131	return String.Empty;
84	}	132	}
85	}	133	}


diff --git a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs index d1a5b0f..6d9aae3 100644 --- a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
@@ -47,6 +47,11 @@ namespace OpenSim.Services.AuthenticationService
47	// LogManager.GetLogger(	47	// LogManager.GetLogger(
48	// MethodBase.GetCurrentMethod().DeclaringType);	48	// MethodBase.GetCurrentMethod().DeclaringType);
49		49
		50	public WebkeyAuthenticationService(IConfigSource config, IUserAccountService userService) :
		51	base(config, userService)
		52	{
		53	}
		54
50	public WebkeyAuthenticationService(IConfigSource config) :	55	public WebkeyAuthenticationService(IConfigSource config) :
51	base(config)	56	base(config)
52	{	57	{