--- loncom/auth/lonacc.pm	1999/10/13 17:48:52	1.1
+++ loncom/auth/lonacc.pm	2000/06/05 20:28:17	1.6
@@ -1,11 +1,14 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
-# 5/21/99,5/22,5/29,5/31,6/15 Gerd Kortemeyer
+# 5/21/99,5/22,5/29,5/31,6/15,16/11,22/11,
+# 01/06,01/13,05/31,06/01 Gerd Kortemeyer
 
 package Apache::lonacc;
 
 use strict;
-use Apache::Constants qw(:common);
+use Apache::Constants qw(:common :http);
+use Apache::File;
+use Apache::lonnet;
 use CGI::Cookie();
 
 sub handler {
@@ -19,25 +22,59 @@ sub handler {
         $handle=~s/\W//g;
         my $lonidsdir=$r->dir_config('lonIDsDir');
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
-           return OK; 
+
+# ------------------------------------------- Transfer profile into environment
+
+            my @profile;
+	    {
+             my $idf=Apache::File->new("$lonidsdir/$handle.id");
+             @profile=<$idf>;
+	    }
+            my $envi;
+            for ($envi=0;$envi<=$#profile;$envi++) {
+		chomp($profile[$envi]);
+		my ($envname,$envvalue)=split(/=/,$profile[$envi]);
+                $r->subprocess_env("$envname" => "$envvalue");
+                $ENV{$envname}=$envvalue;
+            }
+            $r->subprocess_env("user.environment" => "$lonidsdir/$handle.id",
+                               "request.state"    => "published",
+                               "request.filename" => $r->filename);
+
+# -------------------------------------------------------- Load POST parameters
+
+            my $buffer;
+
+            $r->read($buffer,$r->header_in('Content-length'));
+            my @pairs=split(/&/,$buffer);
+            my $pair;
+            foreach $pair (@pairs) {
+               my ($name,$value) = split(/=/,$pair);
+               $value =~ tr/+/ /;
+               $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
+               $r->subprocess_env("form.$name" => $value);
+            }
+
+
+# ---------------------------------------------------------------- Check access
+
+            if ($requrl!~/^\/adm\//) {
+               if (&Apache::lonnet::allowed('bre',$requrl) eq '') {
+		  $ENV{'user.error.msg'}="$requrl:bre:1:1:Access denied";
+                  return HTTP_NOT_ACCEPTABLE; 
+               }
+            } 
+            return OK; 
         } else { 
-           $r->log_reason("Cookie $handle not valid", $r->filename) 
+            $r->log_reason("Cookie $handle not valid", $r->filename) 
         };
     }
-    $cookie=CGI::Cookie->new(-name  => 'lonURL',
-                             -value => $requrl, 
-                             -path  => '/');
-    $r->err_headers_out->add('Set-Cookie' => $cookie);
+
+# ----------------------------------------------- Store where they wanted to go
+
+    $ENV{'request.firsturl'}=$requrl;
     return FORBIDDEN;
 }
 
 1;
 __END__
-
-
-
-
-
-
-
-