--- loncom/auth/checkauthen.pm	2006/08/30 21:35:08	1.6
+++ loncom/auth/checkauthen.pm	2007/04/11 21:36:58	1.11
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # checks for a cokkie to authenticate a user
 #
-# $Id: checkauthen.pm,v 1.6 2006/08/30 21:35:08 albertel Exp $
+# $Id: checkauthen.pm,v 1.11 2007/04/11 21:36:58 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -36,7 +36,11 @@ use Apache::lonnet;
 sub handler {
     my ($r) = @_;
 
-    if ($r->auth_type() eq 'Basic') {
+    if (&Apache::lonnet::is_domainimage($r->uri)) {
+        return OK;
+    }
+
+    if ($r->auth_type() ne 'LONCAPA') {
 	return DECLINED;
     }
     my $fail = FORBIDDEN; 
@@ -59,15 +63,18 @@ sub handler {
 
     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
     my $lonid=$cookies{'lonID'};
-    my $cookie;
+    my $handle;
     if ($lonid) {
-	my $handle=$lonid->value;
-        $handle=~s/\W//g;
-        my $lonidsdir=$r->dir_config('lonIDsDir');
-        if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {    
-	    return OK;
-	}
+      	$handle=&LONCAPA::clean_handle($lonid->value);
+        $handle = $r->dir_config('lonIDsDir')."/$handle.id";
+    } else {
+        $handle = $env{'user.environment'};
     }
+
+    if (($handle ne '') && (-e $handle)) {
+        return OK;
+    }
+
     return $fail;
 }