Limiting access through Hypergrid

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Limiting access through Hypergrid

Per Mint
Hello,
 
I would like to limit access to my educational grid using HyperGrid. I'd like my students and professors only be able to visit specific outside worlds and regions while forbidding any external user from accessing my grid.
 
From what I understand so far, I would need to :
  • authorize access to user, inventory, assets and the like services to external computers (for our students to go in specific outside worlds)
  • and make the gatekeeper unavailable to external computers (to avoid external access of foreign users)
Thanks a lot for your help,
PMint.

_______________________________________________
Opensim-users mailing list
[hidden email]
https://lists.berlios.de/mailman/listinfo/opensim-users
Reply | Threaded
Open this post in threaded view
|

Re: Limiting access through Hypergrid

Per Mint
I just see that there is a AllowTeleportsToAnyRegion parameter in the [GatekeeperService] section of Robust.HG.ini, but it says that if we put that to false, it will redirect incoming links to the default region specified in [GridService] section. Also, will HypergridLinker parameter do the job in the [GridService] section ?

Is there a way to avoid linking to the default region, and more generally, to avoid linking to any region of the world ?

Thanks a lot !
PMint


_______________________________________________
Opensim-users mailing list
[hidden email]
https://lists.berlios.de/mailman/listinfo/opensim-users
Reply | Threaded
Open this post in threaded view
|

Re: Limiting access through Hypergrid

Diva Canto
In reply to this post by Per Mint
[This is more appropriate for the -dev list]

WRT your first point: No. Leave your existing grid services alone and protected.
The Hypergrid is made of a number of *additional* services to those that a grid has. It's those services that you need to focus on.
For the most part, they exist in the DLL OpenSim.Services.Hypergrid.dll, so that's what you want to look at. In the standard configurations, they are installed in the port outside the firewall.  Note that these are different services from the internal ones, different names, different implementations, with a lot more security.

WRT your second point: Again, no. If you don't have a Gatekeeper, your users who go out won't be able to come home.

If you want to do those restrictions right now, you'll need to change the code yourself.
If you can wait a couple of months, we are working on supporting those kinds of requirements in a generic manner.
In the master dev code, there are already some provisions for filtering who can go out (and come back) using the UserLevel field of user accounts. But a lot more is coming.

On 4/2/2012 8:51 AM, Per Mint wrote:
Hello,
 
I would like to limit access to my educational grid using HyperGrid. I'd like my students and professors only be able to visit specific outside worlds and regions while forbidding any external user from accessing my grid.
 
From what I understand so far, I would need to :
  • authorize access to user, inventory, assets and the like services to external computers (for our students to go in specific outside worlds)
  • and make the gatekeeper unavailable to external computers (to avoid external access of foreign users)
Thanks a lot for your help,
PMint.


_______________________________________________
Opensim-users mailing list
[hidden email]
https://lists.berlios.de/mailman/listinfo/opensim-users


_______________________________________________
Opensim-users mailing list
[hidden email]
https://lists.berlios.de/mailman/listinfo/opensim-users
Reply | Threaded
Open this post in threaded view
|

Re: Limiting access through Hypergrid

Per Mint
Hi Diva,
 
thanks for your answer, and sorry for posting here.
 
So if I understand, I cannot implement what I described until it comes out in about 2 months right ?
I will have a look on the code. Is that a lot of changes to make in an 0.7.2 or 0.7.3 version ?
 
Thanks a lot !
PMint.

_______________________________________________
Opensim-users mailing list
[hidden email]
https://lists.berlios.de/mailman/listinfo/opensim-users
Reply | Threaded
Open this post in threaded view
|

Re: Limiting access through Hypergrid

Karen Palen
In reply to this post by Per Mint
Just a though, but have you looked at setting up a firewall to do that?

There are some very sophisticated firewalls available both incoming and outgoing.

Each region has a specific port number and if that port number and/or URL is blocked then no hypergrid connection is possible.


Karen

On 04/02/2012 08:51 AM, Per Mint wrote:
Hello,
 
I would like to limit access to my educational grid using HyperGrid. I'd like my students and professors only be able to visit specific outside worlds and regions while forbidding any external user from accessing my grid.
 
From what I understand so far, I would need to :
  • authorize access to user, inventory, assets and the like services to external computers (for our students to go in specific outside worlds)
  • and make the gatekeeper unavailable to external computers (to avoid external access of foreign users)
Thanks a lot for your help,
PMint.
_______________________________________________ Opensim-users mailing list [hidden email] https://lists.berlios.de/mailman/listinfo/opensim-users

_______________________________________________
Opensim-users mailing list
[hidden email]
https://lists.berlios.de/mailman/listinfo/opensim-users
Reply | Threaded
Open this post in threaded view
|

Re: Limiting access through Hypergrid

Diva Canto
In reply to this post by Per Mint
I wrote a blog post explaining what's in the works:
http://metaverseink.com/blog/?p=299

On 4/2/2012 9:48 AM, Per Mint wrote:
Hi Diva,
 
thanks for your answer, and sorry for posting here.
 
So if I understand, I cannot implement what I described until it comes out in about 2 months right ?
I will have a look on the code. Is that a lot of changes to make in an 0.7.2 or 0.7.3 version ?
 
Thanks a lot !
PMint.


_______________________________________________
Opensim-users mailing list
[hidden email]
https://lists.berlios.de/mailman/listinfo/opensim-users


_______________________________________________
Opensim-users mailing list
[hidden email]
https://lists.berlios.de/mailman/listinfo/opensim-users
Reply | Threaded
Open this post in threaded view
|

Re: Limiting access through Hypergrid

Per Mint
@Karen, yes I tried forbidding access to region UDP ports but it may be a problem to get back home, although this is not really secure I think.
 
@Diva, thanks a lot ! I'm looking forward to this !
 
Best,
PMint.

_______________________________________________
Opensim-users mailing list
[hidden email]
https://lists.berlios.de/mailman/listinfo/opensim-users