Difference between revisions of "Viewer Authentication"

m (SLURL -> SLurl)
 
(25 intermediate revisions by 8 users not shown)
Line 1: Line 1:
= Website Viewer Authentication (WVA) =
{{Alert Box|
<b>Note:</b> If you would like to discuss the changes stated in this page, please use the discussion tab at the top.  We are reading it and answering your questions there and will update the wiki as needed.  Thank you!


In the past, the Second Life viewer and Second Life website have both required you to type in your name and password in order to access the grid and your account information.  With Website Viewer Authentication, Linden Lab seeks to bring these two together such that you will only need to type in your name and password at one place in order to access this content.  Now you'll be able to launch Second Life, securely, from the SL website.
<b>Note:</b> This page primarily describes Linden employees' view on the issue that some open source developers have expressed concerns about.  If you want to know the open source developers' view or related backgrounds, you are advised to read not just this page but also the [[Talk:Viewer Authentication|associated discussion page]] and [[Viewer Authentication Critique]] page.


== It's your choice! ==
<b>Note:</b> The first note above was written by a Linden, and the word "we" refers to "Linden employees".  The second note (as well as this note) was added by a resident {{User|Alissa Sabre}} for clarification.
When logging in, you do not have to change your daily routine.  The login screen you are given when starting the Second Life viewer will be a website version of the current interface.  However, it's suggested that if you want to take the most secure route to logging in, you do it via the Second Life website.  Once you've logged in to the website, you'll see a Go Inworld! button which will automatically launch the SL viewer for you.  By logging in this way, you will know that you're typing your password into a safe environment, whether you use the official LL viewer or (eventually) a third-party viewer.
}}
= Viewer Authentication =


<b>Note to Linux users:</b> Linden Lab is working to allow a secure website authentication for as many Linux users as possible.  However, due to the nature of Linux distribution, a website login is not guaranteed to work as it may fail for reasons Linden Lab is unable to predict.  In these cases, it is suggested you log in via the viewer's login page.
Fairly soon, Linden Lab is going to introduce a new form of logging in.  The current process requires an xml-rpc call from your viewer to our servers that runs along an inflexible code-path that is difficult to maintain.  This process will change to a web-based path that is easier to maintain and will allow us easier access to tools for making logins smarter and furthering our anti-fraud efforts.
 
== What Changes For You? ==
 
You will see one change when this is released.  The viewer's login page will be web-based.  It actually won't look that different from the current interface and allows all the same functionality.
 
(Note: The optional "Go Inworld!" page mentioned here before will be a part of a separate release as it requires more work.)
 
Keep in mind that if you are developing a third-party application to access Second Life, we will be keeping our old login methods intact until you catch up with the new process - at which point we will shut down the old pathways.


== Frequently Asked Questions ==
==="I'm always logged in on the SL website.  How does this affect me?"===
If you're logged in on the website, you're simply one step away from being in Second Life.  A "Go Inworld!" link will be on the website for you to click which will launch your Second Life viewer and log you in automatically.
Keep in mind that if you use multiple Second Life accounts, you will need to log out via the website before logging in with another account.  However, if multiple people use your computer, you may take advantage of your operating system's "User Switching" capabilities so that your cookies are not shared and logging out from the website is not a requirement.
==="On the viewer's login screen, I'm giving the choice of where I want to log into.  Will I still have that option?"===
Yes!  The Go Inworld! page will contain the same options the SL viewer's login has.  You can login at your last location, your home, or a destination you specify.


==="I have separate accounts that I use.  How does this affect me?"===
==="On the viewer's login screen, I'm given the choice of where I want to log into.  Will I still have that option?"===
Yes.  If you wish to use a separate Second Life account, you must log out of your current account on the website and then log in with your separate account.
Yes.  This functionality will be the same both in the viewer's login and on the website's login.


==="I use Second Life from a computer that is not mine.  How does this affect me?"===
So long as you are logged into the website on someone else's computer, they will be able to gain access to your account, just as they would if you stayed logged in on a blog, in a video game, or on a social networking website.  If you simply log out of your account on the website when you are done using the computer, then your account's information will not be accessible.  As usual, common sense is your best friend when using a computer that is not your own.
Everything works the same as before.
 
==="Are you telling me the client is not secure?"===
The official Second Life client released by Linden Lab on our SL website is secure.  However, due to our viewer's open-source nature, third-party versions may be hosted elsewhere and can be made to trick you into entering your password where it may be stolen.  Please read the [[#Security|Security]] section below for more details.


==="Why aren't you fixing bugs?  I don't care about login!"===
Linden Lab has a team of developers who are constantly fixing bugs in Second Life.  However, we also have developers who work on the website, the servers, and specific issues such as security, billing, and fraud prevention.  WVA is being developed as a security measure in order to ensure your Second Life identity cannot be stolen or phished by malicious entities.  By making your experience secure, we can save you time and money if something ever should go wrong, and it allows us to devote more resources toward the ongoing development of Second Life.
Linden Lab has a team of developers who are constantly fixing bugs in Second Life.  However, we also have developers who work on the website, the servers, and specific issues such as security, billing, and fraud prevention.  Viewer Authentication is being developed in order to extend the ability of our logins such that they can take advantage of new fraud prevention measures, future account security measures, and be placed in a more flexible and easier to access code-path.  Fixes to the website's login can be instantly ported to the viewer's login and vice versa.


==="What happens when I want to use the First Look client or some other third-party application?"===
Currently, these options still use the old method of logging in.  WVA only applies to the main grid at this time.  We will have a complete transfer over to WVA very soon and will announce when it's ready and what changes you can expect.
Until they are brought up to speed with the new login process, these extra applications will still be able to use our old login procedure.
 
== Technical Overview ==
===In order to maintain backward compatibility, there will initially be several ways to log in:===
 
* Login from legacy viewer using current XUI and name/password.
** Until they are brought up to speed with the new login process, other clients will still be able to use our old login procedure.  This transition is expected to complete by beginning of February, at which point a mandatory update will be required.
* Login from a new viewer from login screen
** Login form removed from screen XUI
** Web login modules added to login screen splash page
** Splash screen saves and passes web login key in a [[SLurl]] to viewer using a redirect
** Viewer logs in with name/web_login_key
** May be deprecated eventually, but because of pushback from sldev, we decided not to
* Login from InWorld page on Second Life website (https://secondlife.com/inworld/index.php)
** Go Inworld generates and persists web_login_key, returns it coded into secondlife:// url.
** OS launches viewer associated with secondlife:// (last used viewer, or last installed viewer).
** Viewer parses url, logs in with name/sid
 
 
===The common web mechanism is as follows:===
* Website confirms (via cookie) whether the resident is logged in and, if so, fills in the user name fields
* Website also takes many query parameters to automatically fill in fields in the form
* The known query parameters are the following;
** '''firstname or username'''. Both get mapped to the first name of the avatar.
** '''lastname''' - avatar's last name
** '''location''' -
** '''region''' - Typed region name of the simulator the avatar desires to go once logged in
** '''grid''' - the Grid that the agent is logging into.  some valid options are Agni, Aditi, Other
** '''channel''' - The client type that you're using. (SecondLife WindLight or Release Client)
** '''version''' - The version of the client you're using
** '''lang''' - The language set that you're using on the client.
** '''save_password''' - Exists when the save password checkbox is checked.
* Upon receiving POST, website generates a temporary, single use web_login_key and persists it to web_login_key web store on central backbone
* Website redirects to the continuation url provided, appending web_login_key as a query argument at the end
** For login via website, continuation url: secondlife://viewer/login?firstname=;lastname=;session_id=;location=?'
** For login via viewer, continuation url: about:blank?redirect-http-hack=($URLENCODE(secondlife://viewer/login?firstname=;lastname=;session_id=;location=?'))
* Viewer catches the redirect or is launched, then sends the user name and web_login_key to login.cgi using [[Current_login_protocols]] (in the future, LLSD)
* login.cgi checks session id and allows the user in


== Why we're making this change. ==


===Security===
===Additional Note:===
With Website Viewer Authentication, Linden Lab will be able to centralize its login code to our website.  By doing so, we will be able to centralize our fraud prevention efforts such that we can make larger and faster changes when necessary.  Since you will only have to enter your login information in one place, there should never be a need to enter your name and password into any other interface.  This inherently increases your security.
* The public login forms on secondlife send a [[SLurl]] like, secondlife:///app/login?first_name='''firstname'''&last_name='''lastname'''&location='''location'''&grid='''Agni'''&web_login_key='''LLUUID'''
* the viewer sends the same address but encapsulates it in an about:blank page parameter - about:blank?redirect-http-hack=secondlife:///app/login?first_name='''firstname'''&last_name='''lastname'''&location='''location'''&grid='''Agni'''&web_login_key='''LLUUID'''


*Note: Due to the open source nature of the Second Life viewer, it is possible to create a clone of the Second Life viewer with the intent to add code which will steal your password and send it to a malicious entity.  A person doing this can then host the viewer on their website saying that it is the official version, thus tricking you into downloading something that looks real but is in fact not.  By logging in via the Second Life website, this kind of attack will not work against you.


===Flexibility===
===Additional info:===
By centralizing logins, Linden Lab will eventually be able to verify your identity for third-party applications.  For example: if you wish to use an open source version of the Second Life viewer, you should not have to worry about typing in your name and password as the viewer will be able to authenticate you via our servers.  This flexibility will give your Second Life presence a greater reach than just the Second Life Grid.
* Logging into a custom/internal grid appears to require two secondlife.exe parameters;
** -loginpage <URL>, the login page displayed to the client
** -loginuri <URI>, the address that the client should look for the login.cgi


===Persistence===
== See also ==
When you login through the Second Life website, you will be taken to a page which will launch Second Life for you.  So long as your cookie's session for the page's login is held and you launch through this page, you won't ever have to type in your name and password again until that cookie's session expires.  So you can log in and out of Second Life as much as you like without having to re-type your information over and over again.  Your identity will be persistent.


== The Future! ==
[[Login Protocol]] - general summary of login protocols


===Integration===
[[Viewer_Authentication_Form_Example]] - Example Login form geared for the Viewer
Eventually, Linden Lab would like to allow Second Life identities to integrate with OpenID.  The WVA changes will make this route an easier one to handle.  With OpenID, your Second Life identity will be able to transfer to any other applications (eg: blogs, forums, social networking services) that wish to host OpenID capabilities in their services.  It would open the possibility of logging into separate virtual worlds with your Second Life name.

Latest revision as of 05:00, 13 August 2009

Note: If you would like to discuss the changes stated in this page, please use the discussion tab at the top. We are reading it and answering your questions there and will update the wiki as needed. Thank you!

Note: This page primarily describes Linden employees' view on the issue that some open source developers have expressed concerns about. If you want to know the open source developers' view or related backgrounds, you are advised to read not just this page but also the associated discussion page and Viewer Authentication Critique page.

Note: The first note above was written by a Linden, and the word "we" refers to "Linden employees". The second note (as well as this note) was added by a resident Alissa Sabre for clarification.

Viewer Authentication

Fairly soon, Linden Lab is going to introduce a new form of logging in. The current process requires an xml-rpc call from your viewer to our servers that runs along an inflexible code-path that is difficult to maintain. This process will change to a web-based path that is easier to maintain and will allow us easier access to tools for making logins smarter and furthering our anti-fraud efforts.

What Changes For You?

You will see one change when this is released. The viewer's login page will be web-based. It actually won't look that different from the current interface and allows all the same functionality.

(Note: The optional "Go Inworld!" page mentioned here before will be a part of a separate release as it requires more work.)

Keep in mind that if you are developing a third-party application to access Second Life, we will be keeping our old login methods intact until you catch up with the new process - at which point we will shut down the old pathways.

Frequently Asked Questions

"On the viewer's login screen, I'm given the choice of where I want to log into. Will I still have that option?"

Yes. This functionality will be the same both in the viewer's login and on the website's login.

"I use Second Life from a computer that is not mine. How does this affect me?"

Everything works the same as before.

"Why aren't you fixing bugs? I don't care about login!"

Linden Lab has a team of developers who are constantly fixing bugs in Second Life. However, we also have developers who work on the website, the servers, and specific issues such as security, billing, and fraud prevention. Viewer Authentication is being developed in order to extend the ability of our logins such that they can take advantage of new fraud prevention measures, future account security measures, and be placed in a more flexible and easier to access code-path. Fixes to the website's login can be instantly ported to the viewer's login and vice versa.

"What happens when I want to use the First Look client or some other third-party application?"

Until they are brought up to speed with the new login process, these extra applications will still be able to use our old login procedure.

Technical Overview

In order to maintain backward compatibility, there will initially be several ways to log in:

  • Login from legacy viewer using current XUI and name/password.
    • Until they are brought up to speed with the new login process, other clients will still be able to use our old login procedure. This transition is expected to complete by beginning of February, at which point a mandatory update will be required.
  • Login from a new viewer from login screen
    • Login form removed from screen XUI
    • Web login modules added to login screen splash page
    • Splash screen saves and passes web login key in a SLurl to viewer using a redirect
    • Viewer logs in with name/web_login_key
    • May be deprecated eventually, but because of pushback from sldev, we decided not to
  • Login from InWorld page on Second Life website (https://secondlife.com/inworld/index.php)
    • Go Inworld generates and persists web_login_key, returns it coded into secondlife:// url.
    • OS launches viewer associated with secondlife:// (last used viewer, or last installed viewer).
    • Viewer parses url, logs in with name/sid


The common web mechanism is as follows:

  • Website confirms (via cookie) whether the resident is logged in and, if so, fills in the user name fields
  • Website also takes many query parameters to automatically fill in fields in the form
  • The known query parameters are the following;
    • firstname or username. Both get mapped to the first name of the avatar.
    • lastname - avatar's last name
    • location -
    • region - Typed region name of the simulator the avatar desires to go once logged in
    • grid - the Grid that the agent is logging into. some valid options are Agni, Aditi, Other
    • channel - The client type that you're using. (SecondLife WindLight or Release Client)
    • version - The version of the client you're using
    • lang - The language set that you're using on the client.
    • save_password - Exists when the save password checkbox is checked.
  • Upon receiving POST, website generates a temporary, single use web_login_key and persists it to web_login_key web store on central backbone
  • Website redirects to the continuation url provided, appending web_login_key as a query argument at the end
  • Viewer catches the redirect or is launched, then sends the user name and web_login_key to login.cgi using Current_login_protocols (in the future, LLSD)
  • login.cgi checks session id and allows the user in


Additional Note:

  • The public login forms on secondlife send a SLurl like, secondlife:///app/login?first_name=firstname&last_name=lastname&location=location&grid=Agni&web_login_key=LLUUID
  • the viewer sends the same address but encapsulates it in an about:blank page parameter - about:blank?redirect-http-hack=secondlife:///app/login?first_name=firstname&last_name=lastname&location=location&grid=Agni&web_login_key=LLUUID
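
The flow described above, as an added example that is not Linden Lab's code: a strict parser for the login SLurl (plain and redirect-http-hack forms) and an in-memory stand-in for the web_login_key store that enforces single-use, expiring keys bound to the name they were issued for. The class name, the 60-second lifetime, the restriction to the three grids the page names and the sample avatar name are assumptions.

```python
import time
import uuid
from urllib.parse import parse_qs, unquote, urlsplit

HACK_PREFIX = "about:blank?redirect-http-hack="
REQUIRED = ("first_name", "last_name", "web_login_key")
KNOWN_GRIDS = {"agni", "aditi", "other"}  # assumption: only the grids the page names


def parse_login_slurl(url):
    """Validate a secondlife:///app/login SLurl and return its fields."""
    if url.startswith(HACK_PREFIX):
        # Viewer-embedded form: the SLurl rides in a page parameter, possibly URL-encoded.
        url = url[len(HACK_PREFIX):]
        if not url.startswith("secondlife:"):
            url = unquote(url)
    parts = urlsplit(url)
    if parts.scheme != "secondlife" or parts.netloc or parts.path != "/app/login":
        raise ValueError("not a secondlife:///app/login SLurl")
    query = parse_qs(parts.query, keep_blank_values=True, strict_parsing=True)
    if any(len(values) != 1 for values in query.values()):
        raise ValueError("repeated parameter")  # ambiguous input is rejected
    fields = {name: values[0] for name, values in query.items()}
    missing = [name for name in REQUIRED if not fields.get(name)]
    if missing:
        raise ValueError(f"missing parameters: {missing}")
    if fields.get("grid", "agni").lower() not in KNOWN_GRIDS:
        raise ValueError("unknown grid")
    # The page shows the key as an LLUUID; anything else is refused.
    fields["web_login_key"] = str(uuid.UUID(fields["web_login_key"]))
    return fields


class WebLoginKeyStore:
    """In-memory stand-in (hypothetical) for the web_login_key store."""

    def __init__(self, ttl_seconds=60, clock=time.monotonic):  # TTL is an assumption
        self._ttl, self._clock, self._keys = ttl_seconds, clock, {}

    def issue(self, first_name, last_name):
        """Website side: mint a random key bound to the logged-in name."""
        key = str(uuid.uuid4())
        self._keys[key] = (first_name, last_name, self._clock() + self._ttl)
        return key

    def redeem(self, fields):
        """login.cgi side: a key works once, before expiry, for its own name."""
        entry = self._keys.pop(fields["web_login_key"], None)  # pop makes it single use
        if entry is None:
            return False
        first, last, expires = entry
        names_match = (first, last) == (fields["first_name"], fields["last_name"])
        return names_match and self._clock() <= expires


if __name__ == "__main__":
    store = WebLoginKeyStore()
    key = store.issue("Jane", "Resident")  # constructed sample name
    slurl = ("secondlife:///app/login?first_name=Jane&last_name=Resident"
             f"&location=home&grid=Agni&web_login_key={key}")
    login = parse_login_slurl(HACK_PREFIX + slurl)
    print(store.redeem(login), store.redeem(login))
```

Because the key travels in a URL handed to whichever viewer is registered for secondlife://, the single-use and expiry checks on the login.cgi side are what limit the value of a key that leaks through logs or a handler other than the intended viewer.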


Additional info:

  • Logging into a custom/internal grid appears to require two secondlife.exe parameters;
    • -loginpage <URL>, the login page displayed to the client
    • -loginuri <URI>, the address that the client should look for the login.cgi

See also

Login Protocol - general summary of login protocols

Viewer_Authentication_Form_Example - Example Login form geared for the Viewer