--- loncom/auth/lonacc.pm	2005/07/05 21:30:14	1.66
+++ loncom/auth/lonacc.pm	2005/11/29 21:12:03	1.70
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.66 2005/07/05 21:30:14 albertel Exp $
+# $Id: lonacc.pm,v 1.70 2005/11/29 21:12:03 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -44,10 +44,31 @@ sub handler {
     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
     my $lonid=$cookies{'lonID'};
     my $cookie;
+    my $lonidsdir=$r->dir_config('lonIDsDir');
+
+    my $handle;
     if ($lonid) {
-	my $handle=$lonid->value;
+	$handle=$lonid->value;
         $handle=~s/\W//g;
-        my $lonidsdir=$r->dir_config('lonIDsDir');
+    }
+      
+    if ($r->user 
+	&& (!$lonid || !-e "$lonidsdir/$handle.id" || $handle eq '') ) {
+	my $domain = $r->dir_config('lonDefDomain');
+	my $home=&Apache::lonnet::homeserver($r->user,$domain);
+	if ($home !~ /(con_lost|no_such_host)/) {
+	    $handle=&Apache::lonauth::success($r,$r->user,$domain,
+					     $home,'noredirect');
+	    $r->header_out('Set-cookie',"lonID=$handle; path=/");
+	}
+    }
+
+    if ($r->dir_config("lonBalancer") eq 'yes') {
+	$r->set_handlers('PerlResponseHandler'=>
+			 [\&Apache::switchserver::handler]);
+    }
+
+    if ($handle ne '') {
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
 
 # ------------------------------------------------------ Initialize Environment
@@ -92,6 +113,14 @@ sub handler {
 		    return HTTP_NOT_ACCEPTABLE;
 		}
 	    }
+	    if ($env{'user.name'} eq 'public' && 
+		$env{'user.domain'} eq 'public' &&
+		$requrl !~ m{^/+(res|public)/} &&
+		$requrl !~ m{^/+adm/(help|logout|randomlabel\.png)}) {
+		$env{'request.querystring'}=$r->args;
+		$env{'request.firsturl'}=$requrl;
+		return FORBIDDEN;
+	    }
 # ------------------------------------------------------------- This is allowed
           if ($env{'request.course.id'}) {
 	    &Apache::lonnet::countacc($requrl);
@@ -171,6 +200,9 @@ sub handler {
 	$r->header_out('Set-cookie',"lonID=$cookie; path=/");
         return OK;
     }
+    if ($requrl=~m|^/+adm/+help/+|) {
+	return OK;
+    }
 # -------------------------------------------------------------- Not authorized
     $requrl=~/\.(\w+)$/;
 #    if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') ||