Force Plugin for All Rooms

Options
JPGOrdon
JPGOrdon
edited October 2020 in Photon Server
My goal is to circumvent Photon-authentication by having my custom plugin authenticate players independently. Because I need the game server to authenticate all connected players, it seems like a breach of security to require players to specify my specific plugin for authentication to work. In other words: is there a way I can guarantee that my plugins instance will be created, even when the player does not specify my plugin for their room?

Comments

  • JPGOrdon
    JPGOrdon
    Options
    I have a part-answer. According to the docs, the plugin factory decides what plugin to load. The docs also state that the class is expected to be built with the plugins assembly.

    If each plugin is expected to have a plugin factory, in a multiple-plugin setup, which factory determines the creation of the plugin? Even if the factory forwards the construction of each plugin to its designated plugin factory, I don't understand which factory would be used.

    I believe I am not understanding something correctly.
  • JohnTube
    JohnTube ✭✭✭✭✭
    Options
    Hi @JPGOrdon,

    I have moved this discussion to the Photon Server category as it's more appropriate.

    User authentication happens on a different server: it happens on the Name Server (and could also happen on the Master Server).
    On the Game Server, "where plugins live", connected users are already authenticated and use the authentication token generated by the authentication server (Name Server or Master Server).

    So not sure what is wrong with Photon authentication to make you want to circumvent it?
    And why do you need to add extra authentication on the Game Server level?
    And I don't see the "breach of security" you refer to?
    Do you mean that client can specify the authentication provider they want to use?
    Well after all they can use only those you configure server side.
    And you can disable "anonymous authentication".
    And for each provider you need some credentials.

    Now regarding plugins:

    Per application you can have a single plugin assembly configured at a time.
    So when you change configuration and the updates are propagated and applied all new clients will use the newly configured plugin. The old configured plugin assembly will be unloaded once all rooms using it will be disposed of.

    The plugin factory is called once per plugin assembly, when the latter is loaded.
    Inside the plugin factory you decide which plugin(s) (or plugin class(es)) are allowed, either one or more.
    So you have total control: you can always force the plugin no matter what the client requests in create room operation or check what the client sends and if it's unexpected you can detect that.

    So I understand that the confusion could be happening from naming or from "plugins assembly" vs." plugin class"...So you have one DLL (assembly) and one factory but multiple plugin classes (you can still have a single plugin inside assembly).
  • JPGOrdon
    JPGOrdon
    edited October 2020
    Options
    @JohnTube Thank you for explaining that only a single plugin assembly is loaded at a time, I was expecting a different approach.

    I was having issues with the client-side authentication response and I decided to forego it entirely for a Plugin that does the same thing when a player joins. When I was testing custom authentication, the client would only be authenticated once connected to the game server. Perhaps I wrongly setup the authentication provider settings, and got this abnormal behavior where the game server authenticates?

Cookies,
anyone?

We use cookies and related technologies to enhance your experience, show you personalised content and analyze performance and traffic on our website. By clicking on the „Accept All“ button you consent to the use of non-functional cookies and the subsequent processing of personal data to optimize our website and services as described in more detail in our Privacy and Cookie Policy.

By clicking on the „Customize or Deny all“ button you can decide otherwise. Clicking on the „Customize“ button will take you to a page where you can configure the usage of non-functional cookies (and related technologies) or deny all of them. You can access these settings at any time and also subsequently deselect cookies at any time in the footer area of our website.

ACCEPT ALL

Cookie Overview

We use the following categories of cookies and related technologies to enhance your experience, show you personalized content, and analyze performance and traffic on our website. We respect your right to privacy and accordingly you can chose to not allow some types of cookies (and related technologies). Click on the different category sliders and change our default settings to manage your cookie settings.

For more information on the specific cookies/related technologies we use and on how we use these, please see section 15 E. of our Privacy and Cookie Policy.

ABSOLUTELY NECESSARY

Authentication cookies we use are required to run our services … Cookies are required: Link

FUNCTIONAL AND MARKETING COOKIES

These cookies collect anonymous data and allow us to optimize our website and user experience. These cookies are listed here:

ANALYTICS

Help us to understand how visitors interact with our services, enables us to analyze and improve our services (also through third party analytics).