loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.95 and 1.110

version 1.95, 2006/08/30 21:48:51	version 1.110, 2007/04/27 22:03:02
Line 36 use Apache::lonnet;	Line 36 use Apache::lonnet;
use Apache::loncommon();	use Apache::loncommon();
use Apache::lonlocal;	use Apache::lonlocal;
use Apache::restrictedaccess();	use Apache::restrictedaccess();
	use Apache::blockedaccess();
use CGI::Cookie();	use CGI::Cookie();
use Fcntl qw(:flock);	use Fcntl qw(:flock);
use LONCAPA;	use LONCAPA;
Line 44 sub cleanup {	Line 45 sub cleanup {
my ($r)=@_;	my ($r)=@_;
if (! $r->is_initial_req()) { return DECLINED; }	if (! $r->is_initial_req()) { return DECLINED; }
&Apache::lonnet::save_cache();	&Apache::lonnet::save_cache();
	&Apache::lontexconvert::jsMath_reset();
return OK;	return OK;
}	}

Line 153 sub sso_login {	Line 155 sub sso_login {
return undef;	return undef;
}	}

	my ($user) = ($r->user =~ m/([a-zA-Z0-9_\-@.]*)/);

my $domain = $r->dir_config('lonDefDomain');	my $domain = $r->dir_config('lonDefDomain');
my $home=&Apache::lonnet::homeserver($r->user,$domain);	my $home=&Apache::lonnet::homeserver($user,$domain);
if ($home !~ /(con_lost\|no_host\|no_such_host)/) {	if ($home !~ /(con_lost\|no_host\|no_such_host)/) {
	&Apache::lonnet::logthis(" SSO authorized user $user ");
if ($r->dir_config("lonBalancer") eq 'yes') {	if ($r->dir_config("lonBalancer") eq 'yes') {
# login but immeaditly go to switch server to find us a new	# login but immeaditly go to switch server to find us a new
# machine	# machine
&Apache::lonauth::success($r,$r->user,$domain,$home,'noredirect');	&Apache::lonauth::success($r,$user,$domain,$home,'noredirect');
	$env{'request.sso.login'} = 1;
	if (defined($r->dir_config("lonSSOReloginServer"))) {
	$env{'request.sso.reloginserver'} =
	$r->dir_config('lonSSOReloginServer');
	}
$r->internal_redirect('/adm/switchserver');	$r->internal_redirect('/adm/switchserver');
	$r->set_handlers('PerlHandler'=> undef);
} else {	} else {
# need to login them in, so generate the need data that	# need to login them in, so generate the need data that
# migrate expects to do login	# migrate expects to do login
my %info=('ip' => $r->connection->remote_ip(),	my %info=('ip' => $r->connection->remote_ip(),
'domain' => $domain,	'domain' => $domain,
'username' => $r->user,	'username' => $user,
'server' => $r->dir_config('lonHostID'),	'server' => $r->dir_config('lonHostID'),
'sso.login' => 1	'sso.login' => 1
);	);
	if (defined($r->dir_config("lonSSOReloginServer"))) {
	$info{'sso.reloginserver'} =
	$r->dir_config('lonSSOReloginServer');
	}
my $token =	my $token =
&Apache::lonnet::tmpput(\%info,	&Apache::lonnet::tmpput(\%info,
$r->dir_config('lonHostID'));	$r->dir_config('lonHostID'));
$env{'form.token'} = $token;	$env{'form.token'} = $token;
$r->internal_redirect('/adm/migrateuser');	$r->internal_redirect('/adm/migrateuser');
	$r->set_handlers('PerlHandler'=> undef);
}	}
return OK;	return OK;
} elsif (defined($r->dir_config('lonSSOUserUnkownRedirect'))) {	} elsif (defined($r->dir_config('lonSSOUserUnknownRedirect'))) {
$r->internal_redirect($r->dir_config('lonSSOUserUnkownRedirect'));	&Apache::lonnet::logthis(" SSO authorized unknown user $user ");
	$r->subprocess_env->set('SSOUserUnknown' => $user);
	$r->subprocess_env->set('SSOUserDomain' => $domain);
	$r->internal_redirect($r->dir_config('lonSSOUserUnknownRedirect'));
	$r->set_handlers('PerlHandler'=> undef);
return OK;	return OK;
}	}
return undef;	return undef;
Line 187 sub sso_login {	Line 207 sub sso_login {
sub handler {	sub handler {
my $r = shift;	my $r = shift;
my $requrl=$r->uri;	my $requrl=$r->uri;
	if (&Apache::lonnet::is_domainimage($requrl)) {
	return OK;
	}
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));	my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
my $lonid=$cookies{'lonID'};	my $lonid=$cookies{'lonID'};
my $cookie;	my $cookie;
Line 194 sub handler {	Line 217 sub handler {

my $handle;	my $handle;
if ($lonid) {	if ($lonid) {
$handle=$lonid->value;	$handle=&LONCAPA::clean_handle($lonid->value);
$handle=~s/\W//g;
}	}

if (my $result = &sso_login($r,$lonid,$handle)) {	my $result = &sso_login($r,$lonid,$handle);
	if (defined($result)) {
return $result	return $result
}	}

Line 250 sub handler {	Line 273 sub handler {
&Apache::restrictedaccess::setup_handler($r);	&Apache::restrictedaccess::setup_handler($r);
return OK;	return OK;
}	}
	if ($access eq 'B') {
	&Apache::blockedaccess::setup_handler($r);
	return OK;
	}
if (($access ne '2') && ($access ne 'F')) {	if (($access ne '2') && ($access ne 'F')) {
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
return HTTP_NOT_ACCEPTABLE;	return HTTP_NOT_ACCEPTABLE;
Line 260 sub handler {	Line 287 sub handler {
$env{'user.domain'};	$env{'user.domain'};
if ($requrl !~ /^\Q$start\E/) {	if ($requrl !~ /^\Q$start\E/) {
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
	return HTTP_NOT_ACCEPTABLE;
	}
	}
	if ($requrl =~ m\|^/zipspool/\|) {
	my $start='/zipspool/zipout/'.$env{'user.name'}.":".
	$env{'user.domain'};
	if ($requrl !~ /^\Q$start\E/) {
	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
return HTTP_NOT_ACCEPTABLE;	return HTTP_NOT_ACCEPTABLE;
}	}
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.95
changed lines
	Added in v.1.110