Diva Canto wrote:
[...]
Seriously, the right way of writing the viewer would be for it to accept
capabilities for all of its functions, and default to UDP to the region
if no CAP URL is set. Those 400+ messages of the Client-Server protocol
should simply be handles for capability-like
: [Opensim-dev] Authentication, take 2: Capabilities
It sounds complex, and also sounds like something that would
overcomplicate scenarios where there _is_ trust. It would be great
for a untrusted grid scenario, but how would a trusted grid
scenario (e.g. walled garden) be built to be more
Sigh. I thought I'd poke at the release candidate of the viewer to see
what's coming wrt CAPs. Either they changed the names of the messages,
or they removed the FetchInventoryDescendents CAP altogether. Now I'm mad.
___
Opensim-dev mailing list
[Warning: long and heavy-duty stuff here]
So, I just had an insight this morning as I woke up. We've scratched our
heads about this fuzzy black-box component called the viewer, and how
horrible it is for open systems because it assumes the regions proxy all
the security-critical data etc etc.
Justin Clark-Casey wrote:
Another critical example: inventory. The CAP URL for this should be
pointing directly to the Inventory server, not to the regions. I
understand that inventory over CAPs had some issues in the past. I just
fiddled with it this morning, and it's working -- I'm sure
Here's the thing: the CAPs giver can define whatever it wants as CAPs
providers. So I think what we have currently is a subset of what I'm
saying below. Specifically, the CAPs giver can delegate CAPs to trusted
regions.
But obviously, we need to think more about this. My main goal here is to
Melanie wrote:
Linden turned it off because it's broken in the client. So, we can
try to use it but will hit the same wall, since the client was never
fixed.
Melanie: are you 100% sure about this? This, of course, is critical. The
whole point of my thinking was to access inventory over
That is what was said. Linden reverted the inventory protocol to UDP
on their servers because of an issue in the viewer that was so
fundamental that it was decided to not be worth fixing.
Whether this is true, I don't know. but it was said.
Melanie
Diva Canto wrote:
Melanie wrote:
Linden
: Donnerstag, 26. Februar 2009 22:10
An: opensim-dev@lists.berlios.de
Betreff: Re: [Opensim-dev] Authentication, take 2: Capabilities
That is what was said. Linden reverted the inventory protocol to UDP
on their servers because of an issue in the viewer that was so
fundamental
Betreff: Re: [Opensim-dev] Authentication, take 2: Capabilities
I don't subscribe to that mailing list. Can someone please do that?
I've been searching on Google, and I found a meeting with Mark where he clearly
says that inventory access has swicthed to caps:
http://wiki.secondlife.com/wiki
...@lists.berlios.de
[mailto:opensim-dev-boun...@lists.berlios.de] *Im Auftrag von *Diva Canto
*Gesendet:* Donnerstag, 26. Februar 2009 22:24
*An:* opensim-dev@lists.berlios.de
*Betreff:* Re: [Opensim-dev] Authentication, take 2: Capabilities
I don't subscribe to that mailing list. Can someone
Done.
Von: opensim-dev-boun...@lists.berlios.de
[mailto:opensim-dev-boun...@lists.berlios.de] Im Auftrag von Diva Canto
Gesendet: Donnerstag, 26. Februar 2009 22:32
An: opensim-dev@lists.berlios.de
Betreff: Re: [Opensim-dev] Authentication, take 2: Capabilities
Yes, something like
After more poking at the viewer, here's what I found.
FetchInventoryDescendents seems to be working consistently over CAPs, in
fact better than over UDP. When the agent logs in, the client always
invokes that CAP, unlike the message over UDP which only seems to come
after a clear cache. That
Well, if FetchInventoryDescendents works better over CAPS, then we
can try using that. Now, that would serve another purpose beyond
your intended trust issue:
Currently, inventory is fetched by the region en-bloc, rather than
being fetched only on demand. There isn't even a function to fetch a
14 matches
Mail list logo
