CD-Key

#1 You need to code your own "authentication server". Either as stand alone, or extend the master server

Basically (and simplified explaination) you need to create a secure/encrypted tcp connection to the auth server from the game client, verify/register the cd-key, and store some info on username, password, cdkey etc in a database for later verification.

In your client you then got to have some "blocking" mechanism if the key is invalid. Also code this into the game servers, so clients cannot cheat/hack their own code.

The latter might be best done by creating a "session" for users who recently verified their cdkey (when logging in). Simply register their "unique id" as "valid". Game servers can then verify that a user has a valid session.

So you will need to code:

(On the auth server)
add/edit/modify user info
register cdkey
verify cdkey
create session
automated cleanup of "old sessions"

(On the game client)
a few gui screens for registering cdkey+changing own info
mechanism to verify cdkey
mechanism to block if invalid cdkey
secure tcp connections

(On game servers)
Check session for users trying to login to a game


Something like the above would give you the needed functionality. Do I have to say that its very improtant to protect your asses all the way regarding CD keys?

There are also commercial authentication services that handle everything for you on the auth server side.

#2 Remember GarageGames have their ignition system that serves a similar purpose if you're aiming to publish here.

#3 What I would suggest doing with the PBMS, is extending it to send a packet on demand containing the ports/addresses of the authentication servers (and whatever other servers you want). Then your game talks to the master server to get the authentification server information, and gets whatever tokens, etc. it needs from that.

Of course, ignition does something similar, and for a fee, so will I. ;)

(ps - I got your mail about using vc6, and I'll reply ASAP)