[sldev] Viewer Auth Update

sabin at lindenlab.com sabin at lindenlab.com
Thu Oct 11 16:31:05 PDT 2007


Hello again, SLDev!  Here's a quick update on Viewer Authentication.

We're putting the finishing touches on the viewer's login page and pushing
through QA, this way logging in through the website will be optional.

As a response to your concerns about cookies, we've made sure that cookies
alone will not log you into Second Life.  If a cookie keeps you logged in
on the website, you will still need to re-authenticate in order to log
into SL.  Assuming you want to log in via the website: If you are not
already logged in on the website, you can still launch SL from a specific
launch page.  If you are logged in on the website, you will still have to
type your password to log in.  This breaks the idea of "persistence" that
was stated in the original Viewer Auth wiki page, but that wasn't a major
reason for Viewer Authentication anyway.

Another concern we heard was that introducing HTML forms into the login
process would disrupt the bot login process.  In the near term, the old
xml-rpc username and password login process will continue to work.  This
will mean we will have three different methods of authenticating, but
eventually it would be nice to deprecate some of these and come up with a
more sensible API.  Perhaps this is something the Architecture Working
Group could do.

On that note, Zero's office hours (which the AWG regularly attends) will
be held at Grasmere (163, 111, 27) on Tuesday the 16th at 1pm at which
point we will be answering any questions you have left about Viewer
Authentication.  Thanks!



More information about the SLDev mailing list