Authentication Flow
Revision as of 18:30, 4 December 2007 by Rob Linden (talk | contribs) (Request to merge with Current login protocols)
It has been proposed that this page or section be merged with Current login protocol. (Discuss) |
Protocol Step-by-step
Step 1
Viewer(client)--------->User Server
- Secure Message checksum request - Protocol Level Supported? Yes/No.
- Port 12036
Step 2
Viewer -----------> Login Server
- XML-RPC Func call - over HTTPS. to login. (Blocking) [[1][Login Info from libsecondlife]
- Mostly a web server (Apache) that talks to a SQL DB. Gets user info from DB (home. etc.) gets the info about which sim to connect to (IP address etc.) and drops the connection.
- First name, last name, MD5(password), viewer version, requested location
Step 3
Login Server ------> Database
Checks actual database for authentication credentials
Step 4
Login Server------> SIM in the Grid
- Login server decides which SIM to send the viewer to. talks to Grid
- Requests session start
Grid (of Simulators):
- inbound UDP port (for comm. with Viewer) 12035, 13000-13050
Step 5
SIM ----> Login server (response)
- Verification that user is allowed on the SIM
Step 6
Login server ------> Viewer (response)
- Information returned: agent id, session id, secure session id, sim ip, sim port, global location, some inventory info.
- Most IDs are UUIDs (agent id, session id, and secure session id, for example)
- Agent ID == User ID Unique and Persistent.
Step 7
Viewer -------> Simulator (on Grid) Handshake
- Viewer sends user id and session id
Step 8
Viewer -------> User server User server handshake
- Sent for presence information so Group IM works
- Confers group rights to user
- User server verifies the SIM session info via DB Presence-Agent table.(initially committed by the Login Server at the time of Sim-LoginSERVER negotiation) Step p3