Difference between revisions of "Authentication Flow"

Protocol Step-by-step

Step 1

Viewer(client)--------->User Server

• Secure Message checksum request - Protocol Level Supported? Yes/No.
• Port 12036

Step 2

Viewer -----------> Login Server

• XML-RPC Func call - over HTTPS. to login. (Blocking) [[1][Login Info from libsecondlife]
• Mostly a web server (Apache) that talks to a SQL DB. Gets user info from DB (home. etc.) gets the info about which sim to connect to (IP address etc.) and drops the connection.
• First name, last name, MD5(password), viewer version, requested location

Step 3

Login Server ------> Database

Checks actual database for authentication credentials

Step 4

Login Server------> SIM in the Grid

• Login server decides which SIM to send the viewer to. talks to Grid
• Requests session start

Grid (of Simulators):

• inbound UDP port (for comm. with Viewer) 12035, 13000-13050

Step 5

SIM ----> Login server (response)

• Verification that user is allowed on the SIM

Step 6

Login server ------> Viewer (response)

• Information returned: agent id, session id, secure session id, sim ip, sim port, global location, some inventory info.
• Most IDs are UUIDs (agent id, session id, and secure session id, for example)
• Agent ID == User ID Unique and Persistent.

Step 7

Viewer -------> Simulator (on Grid) Handshake

• Viewer sends user id and session id

Step 8

Viewer -------> User server User server handshake

• Sent for presence information so Group IM works
• Confers group rights to user
• User server verifies the SIM session info via DB Presence-Agent table.(initially committed by the Login Server at the time of Sim-LoginSERVER negotiation) Step p3