Revision: 442 http://skycastle.svn.sourceforge.net/skycastle/?rev=442&view=rev Author: zzorn Date: 2008-04-05 13:01:46 -0700 (Sat, 05 Apr 2008) Log Message: ----------- Implemented checking of modification messages, they should always be specified as sent from the client account object. The server core starts to be complete, the next step for it is to implement the account game object in more detail. Modified Paths: -------------- trunk/skycastle/modules/server/src/main/java/org/skycastle/server/SkycastleClientSessionHandler.java Modified: trunk/skycastle/modules/server/src/main/java/org/skycastle/server/SkycastleClientSessionHandler.java =================================================================== --- trunk/skycastle/modules/server/src/main/java/org/skycastle/server/SkycastleClientSessionHandler.java 2008-04-05 19:04:43 UTC (rev 441) +++ trunk/skycastle/modules/server/src/main/java/org/skycastle/server/SkycastleClientSessionHandler.java 2008-04-05 20:01:46 UTC (rev 442) @@ -42,6 +42,7 @@ @SuppressWarnings( { "NonSerializableFieldInSerializableClass" } ) private GameObjectReference myClientAccountReference; + private GameObjectId myClientAccountId; //====================================================================== // Private Constants @@ -149,7 +150,12 @@ // Decode incoming message final Message message = myProtocolNegotiator.getProtocol().decode( byteMessage ); - // TODO: Set the messages sender and such so that the client is not claiming to be someone else... + // Check the message sender id so that the client is not claiming to be someone else. + if ( !myClientAccountId.equals( message.getSenderId() ) ) + { + throw new ProtocolException( "The client claimed to have the ID '" + message.getSenderId() + + "', while in reality the ID of the client account was '" + myClientAccountId + "'." ); + } if ( message instanceof ModificationMessage ) @@ -239,6 +245,8 @@ // Store created account for future access dataManager.setBinding( bindingName, clientAccount ); + + myClientAccountId = clientAccount.getId(); } return clientAccount; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.