[Opensim-dev] Authentication and oAuth
Diva Canto
diva at metaverseink.com
Mon Mar 2 17:55:32 UTC 2009
Forgot to clarify this point.

Tommi Laukkanen wrote:
> As conclusion CAPS URLs we talk here seem to be a kind of caching
> mechanism where we do authentication and authorisation on client login
> and store the authorisation information to CAPS URLs which client can
> access directly and we do not need to authenticate & authorize anymore.

CAPs URLs are generated every time the client moves into a new region.
Look at Scene.AddNewUser, which is run every time an agent comes on the
way of the region, and then CloseConnection, which is run every time the
client goes away.

You are right in implying that right now, we use CAPs only because the
Linden viewer forces us to. Yes, that is correct. And we use them in a
completely security-defying manner, even for the Linden client that we
are already supporting -- as I described a few emails ago.

> As such CAPS URL is not a competitor to either OpenId nor oAuth.
> OpenId is authentication mechanism and oAuth is authorization
> mechanism for consuming services from remote interfaces.

They are competitors for the security scheme that doesn't exist yet
concerning the authentication & authorization between user agents and
regions. Right now, that is totally unprotected, security doesn't exist,
the process relies on mutual trust - that's what I'm going to change,
because it needs to be made safe for decentralized VWs like the Hypergrid.

A bit of OpenSim history here. Some time ago, someone tried to add an
authorization step into inventory access, checking the session id (again
this would have been extremely weak security, but it would have been
better than nothing; at least it would secure the inventory server from
web clients and from regions after the client had logged out). The
authorization step, however, involved an extra call to the User server
to verify the session id. Some people found that the performance penalty
was way too high to be worth the trouble, so the effort was abandoned.
(Right now, the inventory access code is a big mess, impossible to explain.)

Any authentication & authorization mechanism that avoids separating
these two things into separate messages is a major plus.

Crista
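
Added example, not part of the original message and not OpenSim code: one way to carry authentication and authorization in a single message, so that an inventory service can check a request locally instead of making the extra call to the User server described above. It swaps in an HMAC-signed, expiring token as the technique; every name here (`issue_cap`, `verify_cap`, `SHARED_KEY`, the claim fields) is hypothetical.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key. Assumption: the issuing service and the inventory
# server share a secret; this is not an OpenSim setting.
SHARED_KEY = b"constructed-demo-key-not-for-production"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _tag(body: str, key: bytes) -> str:
    return _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())

def issue_cap(agent_id, region_id, scope, ttl, now=None, key=SHARED_KEY):
    """Issue a token stating who (agent), where (region), what (scope), until when."""
    now = time.time() if now is None else now
    claims = {"agent": agent_id, "region": region_id,
              "scope": scope, "exp": int(now + ttl)}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{_tag(body, key)}"

def verify_cap(token, region_id, scope, now=None, key=SHARED_KEY):
    """Return the agent id if the token is authentic, unexpired and covers this
    region and scope; otherwise None. No call to another server is made."""
    now = time.time() if now is None else now
    try:
        body, tag = token.split(".")
        # Constant-time comparison; the claims are parsed only after this passes.
        if not hmac.compare_digest(tag, _tag(body, key)):
            return None
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError):
        return None  # malformed token
    if claims.get("exp", 0) <= now:
        return None  # expired
    if claims.get("region") != region_id or claims.get("scope") != scope:
        return None  # issued for a different region or service
    return claims.get("agent")
```

Because nothing is looked up at verification time, a token issued this way stays valid until `exp` even after the client logs out, so the lifetime has to be kept short or paired with a revocation check.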