3 files changed, 85 insertions, 5 deletions

diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
new file mode 100644
index 0000000..07dea4a
--- /dev/null
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerConnector.cs
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using Nini.Config;
+using OpenSim.Server.Base;
+using OpenSim.Services.Interfaces;
+using OpenSim.Framework.Servers.HttpServer;
+using OpenSim.Server.Handlers.Base;
+
+namespace OpenSim.Server.Handlers.Authentication
+{
+    public class AuthenticationServiceConnector : ServiceConnector
+    {
+        private IAuthenticationService m_AuthenticationService;
+
+        public AuthenticationServiceConnector(IConfigSource config, IHttpServer server) :
+                base(config, server)
+        {
+            IConfig serverConfig = config.Configs["AuthenticationService"];
+            if (serverConfig == null)
+                throw new Exception("No section 'Server' in config file");
+
+            string authenticationService = serverConfig.GetString("AuthenticationServiceModule",
+                    String.Empty);
+
+            if (authenticationService == String.Empty)
+                throw new Exception("No AuthenticationService in config file");
+
+            Object[] args = new Object[] { config };
+            m_AuthenticationService =
+                    ServerUtils.LoadPlugin<IAuthenticationService>(authenticationService, args);
+
+            //server.AddStreamHandler(new AuthenticationServerGetHandler(m_AuthenticationService));
+        }
+    }
+}
diff --git a/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs b/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
index 0d7a493..dd32ec9 100644
--- a/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
+++ b/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
@@ -108,7 +108,7 @@ namespace OpenSim.Server.Handlers.Simulation
                     httpResponse.StatusCode = (int)HttpStatusCode.Unauthorized;
                     return result;
                 }
-                if (!m_AuthenticationService.VerifyKey(agentID, authToken))
+                if (!m_AuthenticationService.VerifyUserKey(agentID, authToken))
                 {
                     m_log.InfoFormat("[AgentPostHandler]: Authentication failed for agent message {0}", path);
                     httpResponse.StatusCode = (int)HttpStatusCode.Forbidden;
diff --git a/OpenSim/Services/Interfaces/IAuthenticationService.cs b/OpenSim/Services/Interfaces/IAuthenticationService.cs
index 835b68f..35831c1 100644
--- a/OpenSim/Services/Interfaces/IAuthenticationService.cs
+++ b/OpenSim/Services/Interfaces/IAuthenticationService.cs
@@ -32,10 +32,29 @@ namespace OpenSim.Services.Interfaces
 {
     public interface IAuthenticationService
     {
-        string GetNewKey(UUID userID, UUID authToken);
+        // Create a new user session. If one exists, it is cleared
+        //
+        UUID AllocateUserSession(UUID userID);
 
-        bool VerifyKey(UUID userID, string key);
-        
-        bool VerifySession(UUID userID, UUID sessionID);
+        // Get a user key from an authentication token. This must be
+        // done before the session allocated above is considered valid.
+        // Repeated calls to this method with the same auth token will
+        // create different keys and invalidate the previous ne.
+        //
+        string GetUserKey(UUID userID, string authToken);
+
+        // Verify that a user key is valid
+        //
+        bool VerifyUserKey(UUID userID, string key);
+
+        // Verify that a user session ID is valid. A session ID is
+        // considered valid when a user has successfully authenticated
+        // at least one time inside that session.
+        //
+        bool VerifyUserSession(UUID userID, UUID session);
+
+        // Remove a user session identifier and deauthenticate the user
+        //
+        void DestroyUserSession(UUID userID);
     }
 }