Quote:
Originally Posted by matheus2984
the question is how the game server knows that a client is the X user?
I'm sorry but this is all really, really basic stuff that should be pretty easy to understand by reading through any basic source (even if those sources don't use cross-server authentication).
When you connect to the authentication server, your client sends servername, username and password for your login request.
The authentication server validates this info and checks whether you are able to log into the given server. It then sends one or two authentication keys to the client, depending on the version, and the IP/port to connect to for the game server.
At this point the authentication server can pass that info to the game server through the database (EG: Player with ID 123 is validated using the token 321 and the IP of 127.0.0.1 for the next 30 seconds on server ID 1), through network communication, through inter-process communication or any other option desired by the person writing the server (honestly DB seems like the easiest to implement and secure off the top of my head and scales well).
When the client connects to the game server, it sends the token the auth server gave it, saying "hey, here's my token, I'm supposed to be able to log in", and the game server validates that token, completes the login process and logs them into their character.
It's true that most pservers simply reply using the account ID, but a key value can easily be done and the same is true for IP validation to prevent possible authentication hijacking (if you use a static key for each account, I could sniff your account ID and then spam authentication requests with your ID and steal your login... VERY bad practice). By using a randomized key per login attempt you remove the possibility to intentionally hijack a specific connection attempt, and by using a public/private key setup, an IP value or careful login attempt tracking you can further secure the process (EG: after 3-5 failed game server authentication attempts it could filter the IP entirely). It goes without saying, but your inter-server database connections should also be strongly secured using IP whitelisting, strong passwords, no public facing connections, very limited permissions, etc. There's no reason for an external connection (even a trusted one) to be messing with character/account data; that should all be done locally on the same machine. Design your database with that in mind.
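The handoff described in the post above, written out as an added example (this is not code from the post or from any server the post refers to). A plain dict stands in for the shared database both servers reach locally, a `server_id` stands in for the post's servername, passwords are stored as SHA-256 digests and compared in constant time, the token is a fresh random value per login attempt, and the game server accepts a ticket only if it is unused, issued for this server, bound to the same client IP and still inside the 30 second window from the post; three failed game-server authentications from one IP filter that IP, as the post suggests. The TTL, the failure limit and all account and address values are constructed for the example.

```python
"""Auth-server -> game-server token handoff with a shared store (added example)."""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

TOKEN_TTL_SECONDS = 30      # ticket lifetime, as in the post's example
MAX_FAILED_ATTEMPTS = 3     # failed game-server auths before an IP is filtered


@dataclass
class Ticket:
    """One row the auth server writes and the game server reads."""
    player_id: int
    token: str
    client_ip: str
    server_id: int
    expires_at: float
    used: bool = False


class SharedStore:
    """Stand-in for the database both servers reach locally (constructed)."""
    def __init__(self):
        self.tickets = {}     # player_id -> Ticket (latest login attempt wins)
        self.failures = {}    # client_ip -> failed game-server auth count
        self.blocked = set()  # client IPs filtered after too many failures


def _pw_hash(password: str) -> bytes:
    # Toy password storage; a real server would use a slow, salted hash.
    return hashlib.sha256(password.encode()).digest()


class AuthServer:
    def __init__(self, store, accounts, game_servers):
        self.store = store
        self.accounts = accounts          # username -> (player_id, pw_hash, allowed server ids)
        self.game_servers = game_servers  # server_id -> (ip, port) handed to the client

    def login(self, server_id, username, password, client_ip, now=None):
        """Validate credentials; on success write a one-shot ticket and return
        (player_id, token, game_server_address). Returns None on failure."""
        now = time.time() if now is None else now
        account = self.accounts.get(username)
        if account is None:
            return None
        player_id, pw_hash, allowed = account
        if not hmac.compare_digest(pw_hash, _pw_hash(password)):
            return None
        if server_id not in allowed or server_id not in self.game_servers:
            return None
        token = secrets.token_hex(16)  # new random key for every login attempt
        self.store.tickets[player_id] = Ticket(
            player_id, token, client_ip, server_id, now + TOKEN_TTL_SECONDS)
        return player_id, token, self.game_servers[server_id]


class GameServer:
    def __init__(self, store, server_id):
        self.store = store
        self.server_id = server_id

    def authenticate(self, player_id, token, client_ip, now=None):
        """Return 'ok', 'rejected' or 'blocked' for a client's login claim."""
        now = time.time() if now is None else now
        if client_ip in self.store.blocked:
            return "blocked"
        ticket = self.store.tickets.get(player_id)
        valid = (
            ticket is not None
            and not ticket.used                       # single use: no replay
            and ticket.server_id == self.server_id    # issued for this server
            and ticket.client_ip == client_ip         # same IP that logged in
            and now < ticket.expires_at               # inside the time window
            and hmac.compare_digest(ticket.token.encode(), token.encode())
        )
        if not valid:
            self.store.failures[client_ip] = self.store.failures.get(client_ip, 0) + 1
            if self.store.failures[client_ip] >= MAX_FAILED_ATTEMPTS:
                self.store.blocked.add(client_ip)
            return "rejected"
        ticket.used = True  # burn the ticket so the same token cannot be reused
        return "ok"


def demo():
    """Run the handoff once and return each outcome for inspection."""
    store = SharedStore()
    accounts = {"alice": (123, _pw_hash("correct horse"), {1})}
    auth = AuthServer(store, accounts, {1: ("127.0.0.1", 7777)})
    game = GameServer(store, server_id=1)
    t0 = 1_000.0
    out = {"bad_password": auth.login(1, "alice", "wrong", "10.0.0.5", now=t0)}
    pid, tok, _addr = auth.login(1, "alice", "correct horse", "10.0.0.5", now=t0)
    out["first_use"] = game.authenticate(pid, tok, "10.0.0.5", now=t0 + 1)
    out["replay"] = game.authenticate(pid, tok, "10.0.0.5", now=t0 + 2)
    _, tok2, _ = auth.login(1, "alice", "correct horse", "10.0.0.5", now=t0)
    out["other_ip"] = game.authenticate(pid, tok2, "10.0.0.9", now=t0 + 1)
    out["expired"] = game.authenticate(pid, tok2, "10.0.0.5", now=t0 + 31)
    for _ in range(2):  # 10.0.0.9 already has one failure; two more filter it
        game.authenticate(pid, "guess", "10.0.0.9", now=t0 + 3)
    out["after_limit"] = game.authenticate(pid, tok2, "10.0.0.9", now=t0 + 4)
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:>12}: {result}")
```

The `now` parameter exists only so the expiry path can be exercised deterministically; in service both servers would use the clock, which is one more reason they should sit on the same machine or at least share a time source.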