authorJustin Clark-Casey (justincc)2009-09-11 18:20:41 +0100
committerJustin Clark-Casey (justincc)2009-09-11 18:20:41 +0100
commitf20a052ef50761a08cade9902d0ffdbc643fad30 (patch)
treea48e496d23c5024dfacc774f4943e69cb174c02e /OpenSim
parentRemove bug where iar created folders could not be deleted after relog (diff)
parentmoved AuthorizationRequest and AuthorizationResponse to IAuthorizationService... (diff)
Merge branch 'master' of ssh://justincc@opensimulator.org/var/git/opensim
Diffstat (limited to '')
-rw-r--r--OpenSim/Grid/UserServer.Modules/UserManager.cs1
-rw-r--r--OpenSim/Region/Communications/OGS1/OGS1UserDataPlugin.cs1
-rw-r--r--OpenSim/Region/CoreModules/Resources/CoreModulePlugin.addin.xml2
-rw-r--r--OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs141
-rw-r--r--OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs155
-rw-r--r--OpenSim/Region/Framework/Scenes/Scene.cs31
-rw-r--r--OpenSim/Server/Handlers/Authorization/AuthorizationServerConnector.cs61
-rw-r--r--OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs72
-rw-r--r--OpenSim/Services/AuthorizationService/AuthorizationService.cs56
-rw-r--r--OpenSim/Services/AuthorizationService/AuthorizationServiceBase.cs83
-rw-r--r--OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs117
-rw-r--r--OpenSim/Services/Interfaces/IAuthorizationService.cs144
12 files changed, 863 insertions, 1 deletions
diff --git a/OpenSim/Grid/UserServer.Modules/UserManager.cs b/OpenSim/Grid/UserServer.Modules/UserManager.cs
index 0320156..002f232 100644
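--- a/OpenSim/Grid/UserServer.Modules/UserManager.cs
+++ b/OpenSim/Grid/UserServer.Modules/UserManager.cs
@@ -166,6 +166,7 @@ namespace OpenSim.Grid.UserServer.Modules
  // Account information
  responseData["firstname"] = profile.FirstName;
  responseData["lastname"] = profile.SurName;
+ responseData["email"] = profile.Email;
  responseData["uuid"] = profile.ID.ToString();
  // Server Information
  responseData["server_inventory"] = profile.UserInventoryURI;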
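Review bot: The added `responseData["email"] = profile.Email;` puts the account's e-mail address into every profile response this method builds, and nothing visible in the hunk limits which callers receive it. If the only consumer is the region-side authorization connector, a comment such as `// email is personal data; included only so regions can forward it to the authorization service` would record that. It is also worth confirming that this request path is reachable only by trusted region servers. The enclosing method starts and ends outside the hunk, so any existing caller check is not visible here.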
diff --git a/OpenSim/Region/Communications/OGS1/OGS1UserDataPlugin.cs b/OpenSim/Region/Communications/OGS1/OGS1UserDataPlugin.cs
index ec8512a..adc12aa 100644
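--- a/OpenSim/Region/Communications/OGS1/OGS1UserDataPlugin.cs
+++ b/OpenSim/Region/Communications/OGS1/OGS1UserDataPlugin.cs
@@ -651,6 +651,7 @@ namespace OpenSim.Region.Communications.OGS1
  UserProfileData userData = new UserProfileData();
  userData.FirstName = (string)data["firstname"];
  userData.SurName = (string)data["lastname"];
+ userData.Email = (string)data["email"];
  userData.ID = new UUID((string)data["uuid"]);
  userData.Created = Convert.ToInt32(data["profile_created"]);
  userData.UserInventoryURI = (string)data["server_inventory"];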
diff --git a/OpenSim/Region/CoreModules/Resources/CoreModulePlugin.addin.xml b/OpenSim/Region/CoreModules/Resources/CoreModulePlugin.addin.xml
index 0de5215..f9e61aa 100644
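--- a/OpenSim/Region/CoreModules/Resources/CoreModulePlugin.addin.xml
+++ b/OpenSim/Region/CoreModules/Resources/CoreModulePlugin.addin.xml
@@ -26,6 +26,8 @@
  <RegionModule id="RemoteUserServicesConnector" type="OpenSim.Region.CoreModules.ServiceConnectorsOut.User.RemoteUserServicesConnector" />
  <RegionModule id="LocalAssetServicesConnector" type="OpenSim.Region.CoreModules.ServiceConnectorsOut.Asset.LocalAssetServicesConnector" />
  <RegionModule id="RemoteAssetServicesConnector" type="OpenSim.Region.CoreModules.ServiceConnectorsOut.Asset.RemoteAssetServicesConnector" />
+ <RegionModule id="LocalAuthorizationServicesConnector" type="OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization.LocalAuthorizationServicesConnector" />
+ <RegionModule id="RemoteAuthorizationServicesConnector" type="OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization.RemoteAuthorizationServicesConnector" />
  <RegionModule id="HGAssetBroker" type="OpenSim.Region.CoreModules.ServiceConnectorsOut.Asset.HGAssetBroker" />
  <RegionModule id="LocalInventoryServicesConnector" type="OpenSim.Region.CoreModules.ServiceConnectorsOut.Inventory.LocalInventoryServicesConnector" />
  <RegionModule id="RemoteInventoryServicesConnector" type="OpenSim.Region.CoreModules.ServiceConnectorsOut.Inventory.RemoteInventoryServicesConnector" />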
diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs
new file mode 100644
index 0000000..c52c257
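--- /dev/null
+++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs
@@ -0,0 +1,141 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using log4net;
+using Nini.Config;
+using System;
+using System.Collections.Generic;
+using System.Reflection;
+using OpenSim.Framework;
+using OpenSim.Server.Base;
+using OpenSim.Region.Framework.Interfaces;
+using OpenSim.Region.Framework.Scenes;
+using OpenSim.Services.Interfaces;
+using OpenMetaverse;
+
+namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization
+{
+ public class LocalAuthorizationServicesConnector :
+ ISharedRegionModule, IAuthorizationService
+ {
+ private static readonly ILog m_log =
+ LogManager.GetLogger(
+ MethodBase.GetCurrentMethod().DeclaringType);
+
+ private IAuthorizationService m_AuthorizationService;
+
+ private bool m_Enabled = false;
+
+ public Type ReplaceableInterface
+ {
+ get { return null; }
+ }
+
+ public string Name
+ {
+ get { return "LocalAuthorizationServicesConnector"; }
+ }
+
+ public void Initialise(IConfigSource source)
+ {
+ m_log.Info("[AUTHORIZATION CONNECTOR]: Initialise");
+
+ IConfig moduleConfig = source.Configs["Modules"];
+ if (moduleConfig != null)
+ {
+ string name = moduleConfig.GetString("AuthorizationServices", string.Empty);
+ if (name == Name)
+ {
+ IConfig authorizationConfig = source.Configs["AuthorizationService"];
+ if (authorizationConfig == null)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: AuthorizationService missing from OpenSim.ini");
+ return;
+ }
+
+ string serviceDll = authorizationConfig.GetString("LocalServiceModule",
+ String.Empty);
+
+ if (serviceDll == String.Empty)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: No LocalServiceModule named in section AuthorizationService");
+ return;
+ }
+
+ Object[] args = new Object[] { source };
+ m_AuthorizationService =
+ ServerUtils.LoadPlugin<IAuthorizationService>(serviceDll,
+ args);
+
+ if (m_AuthorizationService == null)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: Can't load authorization service");
+ return;
+ }
+ m_Enabled = true;
+ m_log.Info("[AUTHORIZATION CONNECTOR]: Local authorization connector enabled");
+ }
+ }
+ }
+
+ public void PostInitialise()
+ {
+ }
+
+ public void Close()
+ {
+ }
+
+ public void AddRegion(Scene scene)
+ {
+ if (!m_Enabled)
+ return;
+
+ scene.RegisterModuleInterface<IAuthorizationService>(this);
+ }
+
+ public void RemoveRegion(Scene scene)
+ {
+ }
+
+ public void RegionLoaded(Scene scene)
+ {
+ if (!m_Enabled)
+ return;
+
+ m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: Enabled local authorization for region {0}", scene.RegionInfo.RegionName);
+
+
+ }
+
+ public bool IsAuthorizedForRegion(string userID, string regionID)
+ {
+ return m_AuthorizationService.IsAuthorizedForRegion(userID, regionID);
+ }
+
+ }
+}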
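Review bot: Every failure path in `Initialise` (missing `[AuthorizationService]` section, empty `LocalServiceModule`, `LoadPlugin` returning null) only logs an error and returns, leaving `m_Enabled` false so the module is never registered with a scene. Because `Scene.cs` in this commit skips the check when `AuthorizationService` is null, an operator who selected this connector but misconfigured the module ends up with a region that applies no authorization at all. The operator explicitly asked for authorization, so failing startup is the safer outcome, e.g. `throw new Exception("[AUTHORIZATION CONNECTOR]: Can't load authorization service");` in place of the log-and-return. The same log-and-return pattern appears in `RemoteAuthorizationServicesConnector.Initialise`.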
diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs
new file mode 100644
index 0000000..ac8b566
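--- /dev/null
+++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs
@@ -0,0 +1,155 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using log4net;
+using System;
+using System.Collections.Generic;
+using System.Reflection;
+using Nini.Config;
+using OpenSim.Framework;
+using OpenSim.Services.Connectors;
+using OpenSim.Region.Framework.Interfaces;
+using OpenSim.Region.Framework.Scenes;
+using OpenSim.Services.Interfaces;
+using OpenMetaverse;
+
+namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization
+{
+ public class RemoteAuthorizationServicesConnector :
+ AuthorizationServicesConnector, ISharedRegionModule, IAuthorizationService
+ {
+ private static readonly ILog m_log =
+ LogManager.GetLogger(
+ MethodBase.GetCurrentMethod().DeclaringType);
+
+ private bool m_Enabled = false;
+ private List<Scene> m_scenes = new List<Scene>();
+
+ public Type ReplaceableInterface
+ {
+ get { return null; }
+ }
+
+ public string Name
+ {
+ get { return "RemoteAuthorizationServicesConnector"; }
+ }
+
+ public override void Initialise(IConfigSource source)
+ {
+ IConfig moduleConfig = source.Configs["Modules"];
+ if (moduleConfig != null)
+ {
+ string name = moduleConfig.GetString("AuthorizationServices", "");
+ if (name == Name)
+ {
+ IConfig authorizationConfig = source.Configs["AuthorizationService"];
+ if (authorizationConfig == null)
+ {
+ m_log.Error("[REMOTE AUTHORIZATION CONNECTOR]: AuthorizationService missing from OpenSim.ini");
+ return;
+ }
+
+ m_Enabled = true;
+
+ base.Initialise(source);
+
+ m_log.Info("[REMOTE AUTHORIZATION CONNECTOR]: Remote authorization enabled");
+ }
+ }
+ }
+
+ public void PostInitialise()
+ {
+ }
+
+ public void Close()
+ {
+ }
+
+ public void AddRegion(Scene scene)
+ {
+ if (!m_Enabled)
+ return;
+
+ if (!m_scenes.Contains(scene))
+ {
+ m_scenes.Add(scene);
+ scene.RegisterModuleInterface<IAuthorizationService>(this);
+ }
+
+ }
+
+ public void RemoveRegion(Scene scene)
+ {
+ }
+
+ public void RegionLoaded(Scene scene)
+ {
+ if (!m_Enabled)
+ return;
+
+ m_log.InfoFormat("[REMOTE AUTHORIZATION CONNECTOR]: Enabled remote authorization for region {0}", scene.RegionInfo.RegionName);
+
+ }
+
+ public bool IsAuthorizedForRegion(string userID, string regionID)
+ {
+ m_log.InfoFormat("[REMOTE AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} for region {1}", userID, regionID);
+
+ bool isAuthorized = true;
+
+ // get the scene this call is being made for
+ Scene scene = null;
+ lock (m_scenes)
+ {
+ foreach (Scene nextScene in m_scenes)
+ {
+ if (nextScene.RegionInfo.RegionID.ToString() == regionID)
+ {
+ scene = nextScene;
+ }
+ }
+ }
+
+ if(scene != null)
+ {
+ UserProfileData profile = scene.CommsManager.UserService.GetUserProfile(new UUID(userID));
+ isAuthorized = IsAuthorizedForRegion(userID, profile.FirstName, profile.SurName,
+ profile.Email, scene.RegionInfo.RegionName, regionID);
+ }
+ else
+ {
+ m_log.ErrorFormat("[REMOTE AUTHORIZATION CONNECTOR] IsAuthorizedForRegion, can't find scene to match region id of {0} ",regionID);
+ }
+
+
+ return isAuthorized;
+
+ }
+ }
+}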
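Review bot: `IsAuthorizedForRegion` starts from `bool isAuthorized = true;` and returns that value unchanged when no scene matches `regionID`, so the error branch grants access; it should start from `bool isAuthorized = false;`. The result of `GetUserProfile` is dereferenced without a null check, so an unknown user would presumably raise a NullReferenceException rather than produce a denial; add `if (profile == null) return false;` before the call. `AddRegion` mutates `m_scenes` outside the `lock (m_scenes)` that the lookup takes, and `RemoveRegion` never removes the scene from the list. The `InfoFormat` at the top also writes every checked user ID to the log at Info level on each connection.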
diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs
index 5e27eff..d95d9d3 100644
--- a/OpenSim/Region/Framework/Scenes/Scene.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.cs
@@ -134,6 +134,7 @@ namespace OpenSim.Region.Framework.Scenes
134 public IXfer XferManager; 134 public IXfer XferManager;
135 135
136 protected IAssetService m_AssetService = null; 136 protected IAssetService m_AssetService = null;
137 protected IAuthorizationService m_AuthorizationService = null;
137 138
138 public IAssetService AssetService 139 public IAssetService AssetService
139 { 140 {
@@ -152,6 +153,25 @@ namespace OpenSim.Region.Framework.Scenes
152 return m_AssetService; 153 return m_AssetService;
153 } 154 }
154 } 155 }
156
157 public IAuthorizationService AuthorizationService
158 {
159 get
160 {
161 if (m_AuthorizationService == null)
162 {
163 m_AuthorizationService = RequestModuleInterface<IAuthorizationService>();
164
165 if (m_AuthorizationService == null)
166 {
167 // don't throw an exception if no authorization service is set for the time being
168 m_log.InfoFormat("[SCENE]: No Authorization service is configured");
169 }
170 }
171
172 return m_AuthorizationService;
173 }
174 }
155 175
156 protected IInventoryService m_InventoryService = null; 176 protected IInventoryService m_InventoryService = null;
157 177
@@ -3230,7 +3250,16 @@ namespace OpenSim.Region.Framework.Scenes
3230 3250
3231 if (!m_strictAccessControl) return true; 3251 if (!m_strictAccessControl) return true;
3232 if (Permissions.IsGod(agent.AgentID)) return true; 3252 if (Permissions.IsGod(agent.AgentID)) return true;
3233 3253
3254 if (AuthorizationService != null)
3255 {
3256 if(!AuthorizationService.IsAuthorizedForRegion(agent.AgentID.ToString(), RegionInfo.RegionID.ToString()))
3257 {
3258 m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region",
3259 agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
3260 return false;
3261 }
3262 }
3234 3263
3235 if (m_regInfo.EstateSettings.IsBanned(agent.AgentID)) 3264 if (m_regInfo.EstateSettings.IsBanned(agent.AgentID))
3236 { 3265 {
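Review bot: The call to `AuthorizationService.IsAuthorizedForRegion` in the third hunk has no exception handling, and the remote connector added in this commit appears able to throw when the user profile lookup returns nothing. Whether the caller turns such an exception into a denial is not visible, because the enclosing method begins and ends outside the hunk. Catching the failure here and treating it as unauthorized keeps the outcome a denial. Separately, the `AuthorizationService` getter in the second hunk repeats the module lookup and the Info log line on every access while no service is registered, which will be once per incoming connection.
```csharp
if (AuthorizationService != null)
{
    bool authorized;
    try
    {
        authorized = AuthorizationService.IsAuthorizedForRegion(agent.AgentID.ToString(), RegionInfo.RegionID.ToString());
    }
    catch (Exception e)
    {
        // A failing authorization backend must not admit the agent.
        m_log.ErrorFormat("[CONNECTION BEGIN]: Authorization check failed for {0}: {1}", agent.AgentID, e.Message);
        authorized = false;
    }

    if (!authorized)
    {
        // … unchanged: WarnFormat denial log and return false …
    }
}
```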
diff --git a/OpenSim/Server/Handlers/Authorization/AuthorizationServerConnector.cs b/OpenSim/Server/Handlers/Authorization/AuthorizationServerConnector.cs
new file mode 100644
index 0000000..0d9f239
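--- /dev/null
+++ b/OpenSim/Server/Handlers/Authorization/AuthorizationServerConnector.cs
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using Nini.Config;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenSim.Server.Handlers.Base;
+
+namespace OpenSim.Server.Handlers.Authorization
+{
+ public class AuthorizationServerConnector : ServiceConnector
+ {
+ private IAuthorizationService m_AuthorizationService;
+
+ public AuthorizationServerConnector(IConfigSource config, IHttpServer server) :
+ base(config, server)
+ {
+ IConfig serverConfig = config.Configs["AuthorizationService"];
+ if (serverConfig == null)
+ throw new Exception("No section 'Server' in config file");
+
+ string authorizationService = serverConfig.GetString("LocalServiceModule",
+ String.Empty);
+
+ if (authorizationService == String.Empty)
+ throw new Exception("No AuthorizationService in config file");
+
+ Object[] args = new Object[] { config };
+ m_AuthorizationService =
+ ServerUtils.LoadPlugin<IAuthorizationService>(authorizationService, args);
+
+ server.AddStreamHandler(new AuthorizationServerPostHandler(m_AuthorizationService));
+ }
+ }
+}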
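Review bot: The result of `ServerUtils.LoadPlugin<IAuthorizationService>` is handed to `AuthorizationServerPostHandler` without a null check, unlike the local region connector in this commit, which tests for null. A module that fails to load would therefore leave a registered `/authorization` handler that fails on every request; add `if (m_AuthorizationService == null) throw new Exception("Could not load authorization service module");` before `AddStreamHandler`. The first exception message reads `No section 'Server' in config file` although the section actually looked up is `AuthorizationService`. Nothing visible in this constructor authenticates callers of the handler, so it is worth confirming that the endpoint is reachable only by region servers.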
diff --git a/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs b/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs
new file mode 100644
index 0000000..fb079d3
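--- /dev/null
+++ b/OpenSim/Server/Handlers/Authorization/AuthorizationServerPostHandler.cs
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using Nini.Config;
+using log4net;
+using System;
+using System.Reflection;
+using System.IO;
+using System.Net;
+using System.Text;
+using System.Text.RegularExpressions;
+using System.Xml;
+using System.Xml.Serialization;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework;
+using OpenSim.Framework.Servers.HttpServer;
+
+namespace OpenSim.Server.Handlers.Authorization
+{
+ public class AuthorizationServerPostHandler : BaseStreamHandler
+ {
+ private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+
+ private IAuthorizationService m_AuthorizationService;
+
+ public AuthorizationServerPostHandler(IAuthorizationService service) :
+ base("POST", "/authorization")
+ {
+ m_AuthorizationService = service;
+ }
+
+ public override byte[] Handle(string path, Stream request,
+ OSHttpRequest httpRequest, OSHttpResponse httpResponse)
+ {
+ XmlSerializer xs = new XmlSerializer(typeof (AuthorizationRequest));
+ AuthorizationRequest Authorization = (AuthorizationRequest) xs.Deserialize(request);
+
+ bool authorized = m_AuthorizationService.IsAuthorizedForRegion(Authorization.ID, Authorization.RegionID);
+
+ AuthorizationResponse result = new AuthorizationResponse(authorized, Authorization.ID + " has been authorized");
+
+ xs = new XmlSerializer(typeof(AuthorizationResponse));
+ return ServerUtils.SerializeResult(xs, result);
+
+ }
+ }
+}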
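Review bot: In `Handle`, the response message is built as `Authorization.ID + " has been authorized"` regardless of the value of `authorized`, so a denial is returned with text that says the opposite; use `Authorization.ID + (authorized ? " has been authorized" : " is not authorized")`. `xs.Deserialize(request)` runs on the raw request body with no try/catch and no null check on the result, so a malformed or empty POST surfaces as an unhandled exception rather than a denial response. The user ID from the request is also echoed back verbatim in the message, which is harmless only as long as every consumer treats that field as untrusted text.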
diff --git a/OpenSim/Services/AuthorizationService/AuthorizationService.cs b/OpenSim/Services/AuthorizationService/AuthorizationService.cs
new file mode 100644
index 0000000..c795ba0
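--- /dev/null
+++ b/OpenSim/Services/AuthorizationService/AuthorizationService.cs
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using System.Reflection;
+using Nini.Config;
+using log4net;
+using OpenSim.Framework;
+using OpenSim.Framework.Console;
+using OpenSim.Data;
+using OpenSim.Services.Interfaces;
+using OpenMetaverse;
+
+namespace OpenSim.Services.AuthorizationService
+{
+ public class AuthorizationService : AuthorizationServiceBase, IAuthorizationService
+ {
+ private static readonly ILog m_log =
+ LogManager.GetLogger(
+ MethodBase.GetCurrentMethod().DeclaringType);
+
+ public AuthorizationService(IConfigSource config) : base(config)
+ {
+ m_log.Info("[AUTHORIZATION CONNECTOR]: Local Authorization service enabled");
+ }
+
+ public bool IsAuthorizedForRegion(string userID, string regionID)
+ {
+ return true;
+ }
+ }
+}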
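Review bot: `IsAuthorizedForRegion` returns `true` unconditionally, so naming this class as `LocalServiceModule` switches on the authorization code path without enforcing anything, while the startup line `Local Authorization service enabled` suggests otherwise. A doc comment on the method, e.g. `/// Placeholder: authorizes every user for every region; no policy is consulted.`, would make that explicit to operators and to anyone deriving from the class. The log prefix `[AUTHORIZATION CONNECTOR]` is the same one the region-side connector uses, which makes the two indistinguishable in logs; `[AUTHORIZATION SERVICE]` would be clearer.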
diff --git a/OpenSim/Services/AuthorizationService/AuthorizationServiceBase.cs b/OpenSim/Services/AuthorizationService/AuthorizationServiceBase.cs
new file mode 100644
index 0000000..9e6d070
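--- /dev/null
+++ b/OpenSim/Services/AuthorizationService/AuthorizationServiceBase.cs
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using System.Reflection;
+using Nini.Config;
+using OpenSim.Framework;
+using OpenSim.Data;
+using OpenSim.Services.Interfaces;
+using OpenSim.Services.Base;
+
+namespace OpenSim.Services.AuthorizationService
+{
+ public class AuthorizationServiceBase : ServiceBase
+ {
+ protected IAssetDataPlugin m_Database = null;
+
+ public AuthorizationServiceBase(IConfigSource config) : base(config)
+ {
+ string dllName = String.Empty;
+ string connString = String.Empty;
+
+ //
+ // Try reading the [AuthorizationService] section first, if it exists
+ //
+ IConfig assetConfig = config.Configs["AuthorizationService"];
+ if (assetConfig != null)
+ {
+ dllName = assetConfig.GetString("StorageProvider", dllName);
+ connString = assetConfig.GetString("ConnectionString", connString);
+ }
+
+ //
+ // Try reading the [DatabaseService] section, if it exists
+ //
+ IConfig dbConfig = config.Configs["DatabaseService"];
+ if (dbConfig != null)
+ {
+ if (dllName == String.Empty)
+ dllName = dbConfig.GetString("StorageProvider", String.Empty);
+ if (connString == String.Empty)
+ connString = dbConfig.GetString("ConnectionString", String.Empty);
+ }
+
+ //
+ // We tried, but this doesn't exist. We can't proceed.
+ //
+ if (dllName.Equals(String.Empty))
+ throw new Exception("No StorageProvider configured");
+
+ m_Database = LoadPlugin<IAssetDataPlugin>(dllName);
+ if (m_Database == null)
+ throw new Exception("Could not find a storage interface in the given module");
+
+ m_Database.Initialise(connString);
+
+ }
+ }
+}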
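Review bot: The constructor loads an `IAssetDataPlugin` and calls `m_Database.Initialise(connString)`, falling back to the shared `[DatabaseService]` connection string, yet nothing in this commit's `AuthorizationService` reads `m_Database`. That hands the authorization service an open asset-store connection it does not need, and it makes construction throw `No StorageProvider configured` even though the stub implementation uses no storage. Consider dropping the storage loading until an authorization-specific data interface exists. The local name `assetConfig` and the field type both look carried over from the asset service.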
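--- /dev/null
+++ b/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs
@@ -0,0 +1,117 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using log4net;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Reflection;
+using Nini.Config;
+using OpenSim.Framework;
+using OpenSim.Framework.Communications;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenSim.Services.Interfaces;
+using OpenMetaverse;
+
+namespace OpenSim.Services.Connectors
+{
+ public class AuthorizationServicesConnector
+ {
+ private static readonly ILog m_log =
+ LogManager.GetLogger(
+ MethodBase.GetCurrentMethod().DeclaringType);
+
+ private string m_ServerURI = String.Empty;
+ private bool m_ResponseOnFailure = true;
+
+ public AuthorizationServicesConnector()
+ {
+ }
+
+ public AuthorizationServicesConnector(string serverURI)
+ {
+ m_ServerURI = serverURI.TrimEnd('/');
+ }
+
+ public AuthorizationServicesConnector(IConfigSource source)
+ {
+ Initialise(source);
+ }
+
+ public virtual void Initialise(IConfigSource source)
+ {
+ IConfig authorizationConfig = source.Configs["AuthorizationService"];
+ if (authorizationConfig == null)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: AuthorizationService missing from OpenSim.ini");
+ throw new Exception("Authorization connector init error");
+ }
+
+ string serviceURI = authorizationConfig.GetString("AuthorizationServerURI",
+ String.Empty);
+
+ if (serviceURI == String.Empty)
+ {
+ m_log.Error("[AUTHORIZATION CONNECTOR]: No Server URI named in section AuthorizationService");
+ throw new Exception("Authorization connector init error");
+ }
+ m_ServerURI = serviceURI;
+
+ // this dictates what happens if the remote service fails, if the service fails and the value is true
+ // the user is authorized for the region.
+ bool responseOnFailure = authorizationConfig.GetBoolean("ResponseOnFailure",true);
+
+ m_ResponseOnFailure = responseOnFailure;
+ }
+
+ public bool IsAuthorizedForRegion(string userID, string firstname, string surname, string email, string regionName, string regionID)
+ {
+ // do a remote call to the authorization server specified in the AuthorizationServerURI
+ m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} at remote server {1}", userID, m_ServerURI);
+
+ string uri = m_ServerURI;
+
+ AuthorizationRequest req = new AuthorizationRequest(userID, firstname, surname, email, regionName, regionID);
+
+ AuthorizationResponse response;
+ try
+ {
+ response = SynchronousRestObjectRequester.MakeRequest<AuthorizationRequest, AuthorizationResponse>("POST", uri, req);
+ }
+ catch (Exception e)
+ {
+ m_log.WarnFormat("[AUTHORIZATION CONNECTOR]: Unable to send authorize {0} for region {1} error thrown during comms with remote server. Reason: {2}", userID, regionID, e.Message);
+ return m_ResponseOnFailure;
+ }
+
+ m_log.DebugFormat("[AUTHORIZATION CONNECTOR] response from remote service was {0}", response.Message);
+
+ return response.IsAuthorized;
+ }
+
+ }
+}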
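Review bot: The `ResponseOnFailure` value read in `Initialise` defaults to `true`, and the field initialiser `m_ResponseOnFailure = true` gives the same default to the other two constructors, so any exception in `IsAuthorizedForRegion` (server unreachable, timeout, malformed reply) is answered with "authorized". An access check should deny when it cannot obtain a decision; I would make both defaults `false`, i.e. `authorizationConfig.GetBoolean("ResponseOnFailure", false)` and `private bool m_ResponseOnFailure = false;`, leaving fail-open as an explicit operator choice. The line after the `catch` dereferences `response.Message` with no null check; if `MakeRequest` can return null rather than throw (not visible in this file), that escapes as an unhandled exception, so `if (response == null) return m_ResponseOnFailure;` before the debug log is worth adding.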
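--- /dev/null
+++ b/OpenSim/Services/Interfaces/IAuthorizationService.cs
@@ -0,0 +1,144 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the OpenSimulator Project nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using OpenSim.Framework;
+
+namespace OpenSim.Services.Interfaces
+{
+ // Generic Authorization service used for authorizing principals in a particular region
+
+ public interface IAuthorizationService
+ {
+ //////////////////////////////////////////////////////
+ // Authorized
+ //
+ // This method returns a simple true false indicating
+ // whether or not a user has access to the region
+ //
+ bool IsAuthorizedForRegion(string userID, string regionID);
+
+ }
+
+ public class AuthorizationRequest
+ {
+ private string m_userID;
+ private string m_firstname;
+ private string m_surname;
+ private string m_email;
+ private string m_regionName;
+ private string m_regionID;
+
+ public AuthorizationRequest()
+ {
+ }
+
+ public AuthorizationRequest(string ID, string RegionID)
+ {
+ m_userID = ID;
+ m_regionID = RegionID;
+ }
+
+ public AuthorizationRequest(string ID,string FirstName, string SurName, string Email, string RegionName, string RegionID)
+ {
+ m_userID = ID;
+ m_firstname = FirstName;
+ m_surname = SurName;
+ m_email = Email;
+ m_regionName = RegionName;
+ m_regionID = RegionID;
+ }
+
+ public string ID
+ {
+ get { return m_userID; }
+ set { m_userID = value; }
+ }
+
+ public string FirstName
+ {
+ get { return m_firstname; }
+ set { m_firstname = value; }
+ }
+
+ public string SurName
+ {
+ get { return m_surname; }
+ set { m_surname = value; }
+ }
+
+ public string Email
+ {
+ get { return m_email; }
+ set { m_email = value; }
+ }
+
+ public string RegionName
+ {
+ get { return m_regionName; }
+ set { m_regionName = value; }
+ }
+
+ public string RegionID
+ {
+ get { return m_regionID; }
+ set { m_regionID = value; }
+ }
+
+
+
+ }
+
+ public class AuthorizationResponse
+ {
+ private bool m_isAuthorized;
+ private string m_message;
+
+ public AuthorizationResponse()
+ {
+ }
+
+ public AuthorizationResponse(bool isAuthorized, string message)
+ {
+ m_isAuthorized = isAuthorized;
+ m_message = message;
+
+ }
+
+ public bool IsAuthorized
+ {
+ get { return m_isAuthorized; }
+ set { m_isAuthorized = value; }
+ }
+
+ public string Message
+ {
+ get { return m_message; }
+ set { m_message = value; }
+ }
+ }
+}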
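Review bot: The banner comment on `IsAuthorizedForRegion` in `IAuthorizationService` does not say what an implementation must return when it cannot reach a decision, which is the part of the contract that callers of an access check rely on. I would replace it with an XML doc comment that includes `/// <returns>true only when the user is positively authorized for the region; false on any error or missing answer.</returns>`. The interface takes `(userID, regionID)`, while `AuthorizationServicesConnector.IsAuthorizedForRegion` in this commit takes six strings and does not implement the interface. A short comment on `AuthorizationRequest` should therefore state which fields are optional, since the two-argument constructor leaves name, email and region name null.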