[Opensim-dev] Mantis#2816 patch and openid
Hurliman, John
john.hurliman at intel.com
Mon Dec 15 18:15:58 UTC 2008
> -----Original Message-----
> From: opensim-dev-bounces at lists.berlios.de [mailto:opensim-dev-
> bounces at lists.berlios.de] On Behalf Of Sean Dague
> Sent: Monday, December 15, 2008 5:03 AM
> To: opensim-dev at lists.berlios.de
> Subject: Re: [Opensim-dev] Mantis#2816 patch and openid
>
> Hurliman, John wrote:
>>
>> A clarification on the patch, this adds OpenID provider support to
> user server. It does not turn the user server into an OpenID consumer.
> I think OpenID grid login is a very interesting discussion that should
> take place on the mailing list, but what this does is allow you to
> prove ownership of an avatar on a grid. You could leave a comment on a
> blog using your avatar identity, for example. The main reason for the
> patch is to pave the way to building a secure hypergrid. Now that
> OpenSim is evolving into a federated grid model it's critical to be
> able to carry identity around the metaverse. I also have a patch for
> the distributed asset service that authenticates all inventory and
> asset transactions against the user server and allows
> whitelisting/blacklisting of foreign grids (will be committed very
> soon after some cleanup).
>
> Could you explain that authentication flow with the existing client?
> While this patch doesn't hurt anything, I'd really like to understand
> where this is going before we commit something like this.
>
> -Sean
>
This doesn't change any existing authentication flow. It adds a new feature, which is that you can go to http://www.jhurliman.org/ and leave a comment on my blog as http://www.osgrid.org:8002/users/Some_Avatar, or write a PHP script that lets you directly upload assets to a distributed asset store without having to login (directly) through a user server and establish an unnecessary agent presence.
John
More information about the Opensim-dev
mailing list