Advanced Simulator Authority
Last updated
Was this helpful?
SDK 1.7 Preview
Last updated
Was this helpful?
Some games require enhanced security against cheating or player griefing. This is done by giving different authoritative privileges only to .
In the Project Settings section of the under Advanced Authority Config, you can select which Host Authority features are enabled for rooms and worlds separately, under Rooms Host Authority and Worlds Host Authority.
In the coherence , under Local Replication Server, you can select which Host Authority features are enabled for locally run Replication Server world. Or in case you are manually launching the Replication Server from the CLI then the --host-authority-features parameter should be passed into the command where each features' value is added to the passed in value.
Eg:
replication-server worlds --host-authority-features=7
Where the values of the features are:
Create Entities = 1
Validate Connections = 2
To select which Host Authority features are enabled for locally run room, you need to set SelfHostedRoomCreationOptions.HostAuthority at room creation time.
The HostAuthority.CreateEntities feature is used to only allow simulators to create entities. Once created, these entities can have their state authority transferred and the lifetime managed by non-simulators, but no client is allowed to create entities when this restriction is active.
The HostAuthority.ValidateConnection feature is used to restrict who can connect to the world or a room. Enabling this feature, on every connection attempt from a client, the connected simulator will receive a validation request, and only if the simulator responds with the accepted validation response will the connection be allowed.
To handle the connection validation requests, the simulator has to subscribe to the CoherenceBridge.onValidateConnectionRequest event and invoke the given respond delegate with the validation result:
If the simulator rejects the connection, the client will receive a connection denied error with the ConnectionCloseReason.ConnectionRejectedByHost.
Before initiating the connection, the user can set an optional custom user payload which will be sent to the simulator for validation. The payload is of type byte[], and contain a token, any other content or can even be null. To send the payload for validation, you must set it before initiating the connection:
A simulator can forcefully disconnect other clients by kicking them. When kicking the client, the simulator can also send an optional user payload of type byte[] which will be sent to the kicked client, together with the ConnectionCloseReason.KickedByHost.
By default, all CoherenceSyncs have set to Steal. This means that malicious players could steal the authority of any entity and break the game.
Instead of manually changing the AuthorityTransferType on every new CoherenceSync, you can change the default value of it in the coherence .
By default, when are active, the will automatically create a global query entity on behalf of the client. If the client is not authorized to create entities then this results in an error on the Replication Server indicating that an entity creation was rejected. To avoid these error logs, the auto creation of the global query can be disabled in the Coherence Bridge configuration:
A global query can be created manually as part of a prefab by using the component. This prefab can then be transferred to other clients from the simulator to give those clients access to the global client connections.
