[Opensim-users] List of banned viewers for config files?

[Justin Clark-Casey]

I think serving assets directly from the service would be very interesting rather than having to route through the 
simulators.  I will note that

1.  It would place more load on the service since simulators wouldn't act as asset caches.  I suspect this isn't a huge 
issue bearing in mind the ability of webservers to cope with massive loads.  And potentially some other service/process 
separate from the asset service could actually deal with GetTexture/GetMesh, though this is getting more complicated.

2.  Security of asset fetching will be different.  Fetches are 'secure' because the capability contains a random UUID 
component only given to a particular session.  This in turn comes from the seed cap generated by the login service and 
passed along to the simulator, that the viewer uses to fetch specific capabilities (e.g. GetTexture, GetMesh).

If the asset service (for instance) is dealing with GetTexture or GetMesh, then to be secure, it has to be passed the 
valid GetTexture/GetMesh capability URLs which the viewer will later fetch from the SEED Capability URL, or enough data 
to generate them correctly.

On 18/08/12 16:07, Akira Sonoda wrote:
> Right now I am thinking of factoring the whole HTTP stuff out of the OpenSim into a separate Process, in order to have
> OpenSim doing what it can best, acting as a Region Server calculating physics and executing scripts and serving legacy
> UDP Packets to the Viewers. I hope to be able to start a Proof of Concept rather soon. In parallel I will do further
> testing with the different viwers and the different combination in order to get further insights.


-- 
Justin Clark-Casey (justincc)
http://justincc.org/blog
http://twitter.com/justincc