[Opensim-dev] Proposal for using OpenID in OpenSim

liu xiaolu lulurun at gmail.com
Fri Mar 28 14:23:24 UTC 2008 

> Where do you think .ini files for individual modules should go?
First, seperate OpenSim's src and bin.
opensim/bin/OpenSim.exe
                  /OpenSim.Grid.GridServer.exe ...
opensim/lib/Nini.dll
                 /libsecondlife.dll ...
            /conf/OpenSim.ini
                   /mysql_connection.ini ...
                   /Regions/default.xml
            /module/openid.dll
                        /loadbalancer.dll

in OpenSim.ini
...
Load "module/appearance_persist.dll"
;Load "module/openid_authentication.dll"
Load "module/load_balancer.dll"
Load "module/region_proxy.dll"
...
If you do not want to use a module, you just simply ;(comment) it

2008/3/28, Justin Clark-Casey <jjustincc at googlemail.com>:
>
> Where do you think .ini files for individual modules should go?  Just
> putting them in /bin seems a little messy - perhaps they should have
> their own subdirectory (putting them with modules directly may make them
> hard to find, though perhaps that it also an additional option).
>
> --
> justincc
>
>
>
> Michael Wright wrote:
> > Authentication is already quite modular , but in time hopefully it
> > will be even more so. Its quite easy to write new login services that
> > use the login and authentication method of your choice. We
> > (TribalMedia) do this all the time for various different applications.
> >
> > And yes opensim should always support walled 3d appplications. Its not
> > about trying to create one single metaverse that all use the same
> > databases/methods/whatever. It is about creating a platform that can
> > be used for lots of different things. The idea of a single shared
> > metaverse is one application, but separate 3d applications are just as
> > important (and my main focus).
> >
> > So yes OpenID should be a option, but to me it should be that...a
> > option and the only authentication system.
> >
> > There is never going to (or at least should never)  be one
> > "distribution" of opensim that mights all needs. We have tried to make
> > opensim modular, so we should use that. And not try to add thousands
> > of flags to the ini file, but instead have the core and then the
> > modules. With a ini file (or whatever) defining what modules are to be
> > used. Different distributions of opensim could come with different
> > modules and a default ini file that loads those modules. So we could
> > have a OpenID based distribution that includes the relevant modules.
> >
> > */Ryan McDougall <ryan at 3di.jp>/* wrote:
> >
> >
> >     On Thu, 2008-03-27 at 23:01 -0400, The Burnman wrote:
> >     > My concern, much like what Melanie stated, is that I do not want
> >     to be
> >     > forced to use a 3rd party service to use OpenSim. If OpenID is
> >     not an
> >     > optional module, I will drop OpenSim from my toolset and move on
> to
> >     > something else.
> >
> >     Well, this is open source, so in a very strict manner of speaking,
> >     _all_
> >     modules are optional, so it kinda like asking if you can have your
> >     hamburger without a side of ice water.
> >
> >     As for being _easily_ configurable to run without OpenID, I'm sure
> >     that
> >     just a matter of:
> >
> >     // in OpenSim.ini
> >     flag = false
> >
> >     // in UserServer.cs
> >     if (flag)
> >     do_fancy_open_id_junk();
> >     else
> >     ask_for_a_ridiculously_simple_name_and_password();
> >
> >     So I don't think its remotely clear that anyone would be _forced_
> >     to use
> >     3rd party stuff.
> >
> >     > Aside from the idea of being forced to use 3rd party services, two
> >     > concerns I have about using OpenID are:
> >     >
> >     > 1) Data security and integrity - With no control over
> authentication
> >     > or storage of related data, what's to say data won't be stolen or
> >     > corrupted, thus causing my clients/users distress and thus
> >     causing me
> >     > a nightmare?
> >
> >     Many issues here:
> >
> >     1. OpenID is a method of authentication, and optionally passing
> >     identity
> >     preferences. It can enable portability, but in no stretch of the
> >     imagination _requires_ it.
> >
> >     2. Anyone who can read your data can copy or modify it. There is
> >     no such
> >     thing as "data security" (ie DRM) in practice. If you don't want
> >     anyone
> >     to read your assets, don't put them on a publicly accessible server.
> >     Simple as that.
> >
> >     3. If your concern is integrity or authorization There are things
> such
> >     things as trust networks, digital signing, and whatnot, but thats
> not
> >     what OpenID is about and is a related but separate discussion.
> >
> >     > 2) Service perpetuality (I might have made that word up) - What
> >     > guarantees OpenID will remain in business in a year, considering
> how
> >     > volatile the Internet business world is? How much downtime do I
> have
> >     > to deal with because of maintenance or hardware failure?
> >
> >     What guarantees _any_ website will remain up in a year?
> >
> >     OpenID isn't a business, its a protocol with some implementations.
> >     OpenID disappearing is about as likely as HTTP or Apache
> disappearing.
> >
> >     > In fact, I don't know why people think OpenID is a good idea at
> all.
> >     > The whole concept is based on trusting a 3rd party to remain up
> 100%
> >     > of the time, completely secure, and functioning efficiently. Using
> >     > OpenID takes any control of those variables out of my hands, and
> if
> >     > they have an issue, my service is offline.
> >
> >     If you don't trust a 3rd party, you're able to run your own OpenID
> >     server with your own rules. That one will only ever go down if you
> die
> >     or the internet quits working. That's the Open part.
> >
> >     > Sure, it allows some level of interoperability, but I don't
> consider
> >     > it worth the risk for my projects. Just do a Google search for
> >     > "OpenID security" (or similar search parameters) and read about
> the
> >     > concerns a lot of people have about OpenID.
> >
> >     I'm sure OpenID isn't a panacea, but as has been said repeatedly,
> >     no one
> >     is suggesting it be required for all people using OpenSim.
> >
> >     Cheers,
> >
> >     > On Thu, Mar 27, 2008 at 9:33 PM, Ryan McDougall wrote:
> >     > My understanding is that, like OpenID is currently used on the
> >     > web,
> >     > which is you could use OpenID if you have one, or the
> >     > old-fashion type
> >     > if you don't.
> >     >
> >     > However, with OpenID > 1.0, it is possible to add attributes,
> >     > so OpenID
> >     > in OpenSim is a means of avatar portability, since one of the
> >     > attributes
> >     > would be a URL to where your avatar can be found.
> >     >
> >     > That can't be done the old fashioned way.
> >     >
> >     > What specifically is your concern about OpenID?
> >     >
> >     > Cheers,
> >     >
> >     > On Wed, 2008-03-26 at 23:57 -0400, The Burnman wrote:
> >     > > And I take it we are still on the "optional module" page in
> >     > reference
> >     > > to OpenID, yes?
> >     >
> >     > > _______________________________________________
> >     > > Opensim-dev mailing list
> >     > > Opensim-dev at lists.berlios.de
> >     > > https://lists.berlios.de/mailman/listinfo/opensim-dev
> >     > --
> >     > Software Engineer
> >     > http://www.3di.jp
> >     >
> >     > The opinions expressed herein represent those of the
> >     > individual, and do
> >     > not constitute company policy unless expressly stated.
> >     >
> >     > _______________________________________________
> >     > Opensim-dev mailing list
> >     > Opensim-dev at lists.berlios.de
> >     > https://lists.berlios.de/mailman/listinfo/opensim-dev
> >     >
> >     > _______________________________________________
> >     > Opensim-dev mailing list
> >     > Opensim-dev at lists.berlios.de
> >     > https://lists.berlios.de/mailman/listinfo/opensim-dev
> >     --
> >     Software Engineer
> >     http://www.3di.jp
> >
> >     The opinions expressed herein represent those of the individual,
> >     and do
> >     not constitute company policy unless expressly stated.
> >
> >     _______________________________________________
> >     Opensim-dev mailing list
> >     Opensim-dev at lists.berlios.de
> >     https://lists.berlios.de/mailman/listinfo/opensim-dev
> >
> >
> > ------------------------------------------------------------------------
> > Sent from Yahoo! Mail
>
> > <
> http://us.rd.yahoo.com/mailuk/taglines/isp/control/*http://us.rd.yahoo.com/evt=52418/*http://uk.docs.yahoo.com/nowyoucan.html
> >.
> >
> > A Smarter Inbox.
> > ------------------------------------------------------------------------
>
> >
> > _______________________________________________
> > Opensim-dev mailing list
> > Opensim-dev at lists.berlios.de
> > https://lists.berlios.de/mailman/listinfo/opensim-dev
> >
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>



-- 
Liu Xiaolu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20080328/89984d93/attachment-0001.html>

More information about the Opensim-dev mailing list