[Opensim-dev] secure_inventory_server ??
Michael Wright
michaelwri22 at yahoo.co.uk
Fri Jul 25 11:05:25 UTC 2008
Yeah I guess, one problem with changes like this is anyone who has custom Login service (like us) has to rewrite it to use the new methods. Which is going to take time. But I guess that is how things go.
To be honest, even not taking that into account I would still like to see a way to turn things off. While you can argue that we should avoid too many options. At the same time I think you can argue that we should make things as customisable as possible (which is what I prefer).
I guess I need to look at the changes in inventory server more closely before I can really give a proper opinion though.
Justin Clark-Casey <jjustincc at googlemail.com> wrote: Michael Wright wrote:
> We might also want to add a temporary config setting to the inventory
> server to turn the security off. For people who want to update the
> server, but could have old regions on the grid.
To be honest, I think that it would be nice to avoid option proliferation. Already, the 'secure' option is really just
a bridge - the original mode should be removed (and secure become the 'default') when we're happy that they aren't major
difficulties. Adding another option for inventory server potentially exposes another point of failure and something
that will have to be deprecated/removed later on.
I think that traditionally we've been happy to have breaking grid changes that have required region updates. Can we do
the same thing here?
>
> */liu xiaolu /* wrote:
>
> OK, I can understand that,
>
> you can change the OpenSim.ini.example like,
> add the following line inside [Network] section (just under
> inventory_server_url):
> ;secure_inventory_server = true
> you should keep the line commented, because by default its value is
> "true"
>
> We(Johan, Mikem, lulurun) discussed about this,
> "secure_inventory_server" is just a "bridge"
> for the people who are running latest regionserver, but using old
> revisions of UGAI.
>
> as the revision number grows, we want to delete this option in the
> short future.
>
> \\\\
> 2008/7/25 Charles Krinke >:
>
> Thanks, Lulurun. That helps some.
>
> I believe the concern I have is the support of our users on the
> #opensim IRC channel. If there are settings to OpenSim that are
> *not* in OpenSim.ini.example and someone sets them, then support
> gets more difficult.
>
> At this point, I am merely trying to suggest that any config
> settings that anyone might use be entered in
> OpenSim.ini.example. Additionally a couple of comments that
> describe when one might want to use these settings would help
> our users move forward.
>
> Charles
>
>
> ----- Original Message ----
> From: liu xiaolu >
> To: opensim-dev at lists.berlios.de
>
> Sent: Thursday, July 24, 2008 8:04:24 PM
> Subject: Re: [Opensim-dev] secure_inventory_server ??
>
> That option is avaliable from 5592, it is just a temporary thing.
>
> To explain the situation simply:
> 1. old inventory server accepts any request without check the
> use identity, this causes a problem that everyone's inventory
> information can be easily modified by other people who even do
> not know your password.
> 2. secure_inventory_server accepts request by checking a valid
> session_id, so every inventory request needs to be attached a
> session_id.
> 3. then both of the regionserver and the inventoryserver have to
> be changed:
> 3.1 regionserver adds user's "session_id" to inventory CRUD
> requests
> 3.2 secureinventoryserver expects the request data contains a
> "session_id"
> 4. so the latest regionserver do not work with non-secure
> inventoryserver any more.
>
> the option enables people who are using the latest regionserver,
> but want to connect to a non-secure inventoryserver - they can
> set "use_secure_invnetory" to false in OpenSim.ini
>
>
> 2008/7/25 Charles Krinke >:
>
> I am hearing about a new OpenSim.ini setting called
> secure_inventory_server and am told it is not in
> OpenSim.ini.example. I believe all settings for OpenSim
> should be in OpenSim.ini and have a default, which in this
> case could be either true, or false, I would think.
>
> Can someone please help us understand what this setting is,
> what it does when set to false, what it does when set to
> true and perhaps consider adding at least a default for this
> setting in OpenSim.ini.example?
>
> Charles
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
>
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
>
>
> --
> Lulurun
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
>
>
> --
> Lulurun
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
> ------------------------------------------------------------------------
> Not happy with your email address?
> Get the one you really want -
> millions of new email addresses available now at Yahoo!
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
--
justincc
Justin Clark-Casey
http://justincc.wordpress.com
_______________________________________________
Opensim-dev mailing list
Opensim-dev at lists.berlios.de
https://lists.berlios.de/mailman/listinfo/opensim-dev
---------------------------------
Not happy with your email address?
Get the one you really want - millions of new email addresses available now at Yahoo!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20080725/cf5046ef/attachment-0001.html>
More information about the Opensim-dev
mailing list