1 files changed, 55 insertions, 7 deletions
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 17619ff..cf7496f 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -51,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
                LogManager.GetLogger(
                MethodBase.GetCurrentMethod().DeclaringType);
 
+        public PasswordAuthenticationService(IConfigSource config, IUserAccountService userService) :
+                base(config, userService)
+        {
+            m_log.Debug("[AUTH SERVICE]: Started with User Account access");
+        }
        public PasswordAuthenticationService(IConfigSource config) :
                base(config)
        {
@@ -58,28 +64,70 @@ namespace OpenSim.Services.AuthenticationService
        public string Authenticate(UUID principalID, string password, int lifetime)
        {
+            m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
            AuthenticationData data = m_Database.Get(principalID);
+            UserAccount user = null;
+            if (m_UserAccountService != null)
+                user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
+            if (data == null || data.Data == null)
+            {
+                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
+                return String.Empty;
+            }
+            if (!data.Data.ContainsKey("passwordHash") ||
+                !data.Data.ContainsKey("passwordSalt"))
+            {
+                return String.Empty;
+            }
+            string hashed = Util.Md5Hash(password + ":" +
+                    data.Data["passwordSalt"].ToString());
+            m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
-            if (data != null && data.Data != null)
+            if (data.Data["passwordHash"].ToString() == hashed)
            {
-                if (!data.Data.ContainsKey("passwordHash") ||
+                return GetToken(principalID, lifetime);
+            }
+            if (user == null)
+            {
+                m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
+                return String.Empty;
+            }
+            int impersonateFlag = 1 << 6;
+            if ((user.UserFlags & impersonateFlag) == 0)
+                return String.Empty;
+            List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
+            if (accounts == null || accounts.Count == 0)
+                return String.Empty;
+            foreach (UserAccount a in accounts)
+            {
+                data = m_Database.Get(a.PrincipalID);
+                if (data == null || data.Data == null ||
+                    !data.Data.ContainsKey("passwordHash") ||
                    !data.Data.ContainsKey("passwordSalt"))
                {
-                    return String.Empty;
+                    continue;
                }
-                string hashed = Util.Md5Hash(password + ":" +
+                hashed = Util.Md5Hash(password + ":" +
                        data.Data["passwordSalt"].ToString());
-                m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
                if (data.Data["passwordHash"].ToString() == hashed)
                {
+                    m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
                    return GetToken(principalID, lifetime);
                }
            }
-            m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
+            m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
            return String.Empty;
        }
    }

diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs index 17619ff..cf7496f 100644 --- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -51,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
51	LogManager.GetLogger(	51	LogManager.GetLogger(
52	MethodBase.GetCurrentMethod().DeclaringType);	52	MethodBase.GetCurrentMethod().DeclaringType);
53		53
		54	public PasswordAuthenticationService(IConfigSource config, IUserAccountService userService) :
		55	base(config, userService)
		56	{
		57	m_log.Debug("[AUTH SERVICE]: Started with User Account access");
		58	}
		59
54	public PasswordAuthenticationService(IConfigSource config) :	60	public PasswordAuthenticationService(IConfigSource config) :
55	base(config)	61	base(config)
56	{	62	{
@@ -58,28 +64,70 @@ namespace OpenSim.Services.AuthenticationService
58		64
59	public string Authenticate(UUID principalID, string password, int lifetime)	65	public string Authenticate(UUID principalID, string password, int lifetime)
60	{	66	{
		67	m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
61	AuthenticationData data = m_Database.Get(principalID);	68	AuthenticationData data = m_Database.Get(principalID);
		69	UserAccount user = null;
		70	if (m_UserAccountService != null)
		71	user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
		72
		73	if (data == null \|\| data.Data == null)
		74	{
		75	m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
		76	return String.Empty;
		77	}
		78
		79	if (!data.Data.ContainsKey("passwordHash") \|\|
		80	!data.Data.ContainsKey("passwordSalt"))
		81	{
		82	return String.Empty;
		83	}
		84
		85	string hashed = Util.Md5Hash(password + ":" +
		86	data.Data["passwordSalt"].ToString());
		87
		88	m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
62		89
63	if (data != null && data.Data != null)	90	if (data.Data["passwordHash"].ToString() == hashed)
64	{	91	{
65	if (!data.Data.ContainsKey("passwordHash") \|\|	92	return GetToken(principalID, lifetime);
		93	}
		94
		95	if (user == null)
		96	{
		97	m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
		98	return String.Empty;
		99	}
		100
		101	int impersonateFlag = 1 << 6;
		102
		103	if ((user.UserFlags & impersonateFlag) == 0)
		104	return String.Empty;
		105
		106	List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
		107	if (accounts == null \|\| accounts.Count == 0)
		108	return String.Empty;
		109
		110	foreach (UserAccount a in accounts)
		111	{
		112	data = m_Database.Get(a.PrincipalID);
		113	if (data == null \|\| data.Data == null \|\|
		114	!data.Data.ContainsKey("passwordHash") \|\|
66	!data.Data.ContainsKey("passwordSalt"))	115	!data.Data.ContainsKey("passwordSalt"))
67	{	116	{
68	return String.Empty;	117	continue;
69	}	118	}
70		119
71	string hashed = Util.Md5Hash(password + ":" +	120	hashed = Util.Md5Hash(password + ":" +
72	data.Data["passwordSalt"].ToString());	121	data.Data["passwordSalt"].ToString());
73		122
74	m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
75
76	if (data.Data["passwordHash"].ToString() == hashed)	123	if (data.Data["passwordHash"].ToString() == hashed)
77	{	124	{
		125	m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
78	return GetToken(principalID, lifetime);	126	return GetToken(principalID, lifetime);
79	}	127	}
80	}	128	}
81		129
82	m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);	130	m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
83	return String.Empty;	131	return String.Empty;
84	}	132	}
85	}	133	}