[Opensim-dev] User Authentication
Mike Mazur
mmazur at gmail.com
Wed Feb 25 04:33:07 UTC 2009
Hi,
On Tue, 24 Feb 2009 19:54:16 -0800
Diva Canto <diva at metaverseink.com> wrote:
> * Within a few days: write a simple [optional]
> UserAuthenticationModule along the lines of option a) that does the
> following: upon a NewUserConnection, regions will check with the
> incoming user's User server that the declared user exists and is
> logged into the system.
In a grid a region can be told (via a configuration option) which user
server to check. What about HG regions? How does an HG region know
which user server to ping? Is this information supplied by the
connecting client? If so, what's to prevent a malicious client from
supplying a user server that will always reply favorably?
> Furthermore, upon AddNewClient (which happens
> shortly after), regions will challenge the incoming client with 3 UDP
> Ping messages having random seq numbers, to which the incoming client
> must respond correctly
How does the client know the correct response?
Thanks,
Mike
More information about the Opensim-dev
mailing list