Authentication error - OperationResponse 230: Return code: -2

Hi everyone,

I am new to self hosted server and I encountered this error when I tried to host a server on my local machine. If I set the port number in the PhotonServerSettings into 5058, it returns this error. If I set the port number in the PhotonServerSettings into 5055, it's connected but the PhotonNetwork.LocalPlayer.UserId is empty even I already set it in the authentication values before connecting. What did I do wrong? Please help me!

Best,

Best Answer

  • JohnTube
    JohnTube ✭✭✭✭✭
    edited November 2021 Answer ✓

    Hi @mixedrealm,

    No you do not need to configure custom authentication (this is also equivalent of anonymous auth w/o any auth provider configured).

    You can simply set the UserId before connecting from the client (as I think you already do).

    Currently in PhotonServerSettings I have UserNameServer unchecked and port 5055.

    In this case, you are connecting directly to the MasterServer and skipping NameServer altogther, I suspect this is what's causing the UserId to remain null as not returned by server (you could try joining a room and leaving it, then check UserId again). So please connect to NameServer first (5058; UseNameServer) that's what we recommend.

    Besides:

    OperationResponse 230: ReturnCode: -2 (Missing value 210 (AuthenticateRequest.Region)). Parameters: {} Server: MasterServer Address: 127.0.0.1:5055

    Please add SupportLogger and post logs. We want to understand how to reproduce this exact error.

    Please post your exact client code and try to reproduce with default server SDK (unmodified).

Answers

  • JohnTube
    JohnTube ✭✭✭✭✭

    Hi @mixedrealm,

    Thank you for choosing Photon!

    Which Photon Server SDK version are you using? v5 RC1?

    What is the full error message?

    How did you configure custom authentication? in which file / for which server NameServer (5058) or MasterServer (5055)?

    Are you setting a FixedRegion in PhotonServerSettings?

  • mixedrealm
    edited November 2021

    Hi,

    I'm using Photon Server v5.0.12.24499 and I'm not setting a fixed region in PhotonServerSettings. Here is the full error message:

    OperationResponse 230: ReturnCode: -2 (Missing value 210 (AuthenticateRequest.Region)). Parameters: {} Server: MasterServer Address: 127.0.0.1:5055

    It looks like I must use the port number of MasterServer (not the NameServer) configured in the PhotonServer.config file right? But even it's connected using port 5055, I still get an empty PhotonNetwork.LocalPlayer.UserId no matter how I set it before. After that, if I join a room then leave, I will receive a connected message and this time the PhotonNetwork.LocalPlayer.UserId is set. Could you explain me why is this happening? Thank you.

  • JohnTube
    JohnTube ✭✭✭✭✭

    Hi @mixedrealm,

    Please follow our recommended steps as shown in docs:

    - connect PUN2 to v5 server

    - configure custom auth on NameServer

    Not sure how you set AuthValues in PUN2 before you call ConnectUsingSettings.

  • Hi @JohnTube,

    Before calling ConnectUsingSettings, I set the AuthType to None for anonymous login, and set the UserId to my unique deviceId. Is there anything wrong that I did?

  • JohnTube
    JohnTube ✭✭✭✭✭
    edited November 2021

    Hi @mixedrealm,

    Before calling ConnectUsingSettings, I set the AuthType to None for anonymous login, and set the UserId to my unique deviceId. Is there anything wrong that I did?

    No it's fine.

    ---

    Please make sure that if you do configure custom authentication do it in "deploy\NameServer\bin\NameServer.xml.config".

    Also make sure in PhotonServerSettings you have UseNameServer checked and port 5058.

    Also make sure you have at least one region in "deploy\Nameserver.json".

    ---

    Otherwise please share with us minimal repro steps.

    Client code + server config.

    Can you repro with default SDK setup?

  • Hi @JohnTube,

    Do I need to configure custom authentication for anonymous login? If yes, could you explain how do I do it?

    I edited the ip address in deploy\Nameserver.json to my remote server instance ip address. I also replaced the default ip addresses in deploy\LoadBalancing\GameServer\bin\GameServer.xml.config by my own one.

    Currently in PhotonServerSettings I have UserNameServer unchecked and port 5055. I'm so sorry for this inconvenience because my Internet connection is very bad now and I cannot upload anything.

  • JohnTube
    JohnTube ✭✭✭✭✭
    edited November 2021 Answer ✓

    Hi @mixedrealm,

    No you do not need to configure custom authentication (this is also equivalent of anonymous auth w/o any auth provider configured).

    You can simply set the UserId before connecting from the client (as I think you already do).

    Currently in PhotonServerSettings I have UserNameServer unchecked and port 5055.

    In this case, you are connecting directly to the MasterServer and skipping NameServer altogther, I suspect this is what's causing the UserId to remain null as not returned by server (you could try joining a room and leaving it, then check UserId again). So please connect to NameServer first (5058; UseNameServer) that's what we recommend.

    Besides:

    OperationResponse 230: ReturnCode: -2 (Missing value 210 (AuthenticateRequest.Region)). Parameters: {} Server: MasterServer Address: 127.0.0.1:5055

    Please add SupportLogger and post logs. We want to understand how to reproduce this exact error.

    Please post your exact client code and try to reproduce with default server SDK (unmodified).

  • Hi @JohnTube,

    Thank you very much! I did connect to the NameServer first as you recommended and it solved my problem. For the error of the OperationResonse 230, I found that I configured Photon Server incorrectly, I fixed it and it works now.

    Thanks for your support.

    Best,

  • JohnTube
    JohnTube ✭✭✭✭✭

    Hi @mixedrealm,

    So you left region name string empty or node without name? Is that it ?

  • Hi @JohnTube,

    Yeah I'm keeping the default value of the region name. But I configured a wrong IP address. Btw, can I replace the region name string by any value that I want?

  • JohnTube
    JohnTube ✭✭✭✭✭

    yes of course you can replace with a custom string. You define the nodes / regions there.

  • yeah thank you for your support. It does help me a lot!

  • FlorianKern
    edited November 2021

    I am also working on the same problem and found out that you can skip the NameServer authentication by directly using the IP address and port 5055. This should not be possible. Does anyone know how to reject a direct connection to the GameServer if you are not authenticated? 

  • JohnTube
    JohnTube ✭✭✭✭✭

    Hi @FlorianKern,

    Thank you for choosing Photon!

    First of all you can't connect to GameServer without authentication.

    Any server requires authentication.

    The first server to connect to can accept the initial authentication based on (optional) credentials the client sends, then the server returns an authentication token that will be used and exchanged with other servers automatically. This token can be refreshed when joined to rooms or when exchanging servers.

    5055 is for MasterServer, 5058 for NameServer and 5056 for GameServer. (UDP, by default)

    MasterServer can accept initial authentication like in v4, almost same basic features as NameServer.

    In v5 NameServer has more built-in authentication providers (Facebook, Stream, Oculus and VIVE)

    So yes NameServer is optional but you can't disable direct initial authentication on MasterServer and force clients to always use NameServer and not bypass it. This feature is still Cloud only and not possible in the server SDK.

  • FlorianKern
    edited November 2021


    Hi @JohnTube, thank you for your quick reply! How can I add this authentication feature to the MasterServer to authenticate the clients with username and password? At the moment I am able to connect to the MasterServer (port 5055) without any authentication. We use Photon Server SDK v5.

  • hi, @FlorianKern

    we are recommending to use NameServer. Once it is used you get token on client and use this token for authentication on Master. Once you created or joined game you get another token to authenticate on GS. GS makes sure that token that client has is updated during long game sessions.

    in order to allow only token auth on Master you have have to check MasterClientPeer.HandleAuthenticate method. Around line 286 it has check:

    if (authenticateRequest.IsTokenAuthUsed)
    

    this code works in case of token auth. everything else should return error response to client. Similar on GS

    best,

    ilay

  • JohnTube
    JohnTube ✭✭✭✭✭
    edited November 2021

    Hi @FlorianKern,

    I also wanted to add that you could configure (custom) authentication similarly in both places:

    • NameServer: "deploy\bin\NameServer\NameServer.xml.config"
    • MasterServer: "deploy\bin\LoadBalancing\Master\Master.xml.config"

    This way users who try to connect to MasterServer directly need to authenticate as well.

    Or you can do as my colleague @chvetsov recommended: make it impossible for clients to connect directly to MasterServer initially without receiving an authentication token from NameServer first. This mean that you need to modify, build and deploy server code.

  • Great advice, thank you very much. For now, we would prefer a solution without compiling the server code.

  • Thank you also for this advice, we will try this right away. This is the behavior we are looking for.