loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.105 and 1.111

version 1.105, 2007/01/12 15:06:18	version 1.111, 2007/10/02 01:09:59
Line 37 use Apache::loncommon();	Line 37 use Apache::loncommon();
use Apache::lonlocal;	use Apache::lonlocal;
use Apache::restrictedaccess();	use Apache::restrictedaccess();
use Apache::blockedaccess();	use Apache::blockedaccess();
use CGI::Cookie();
use Fcntl qw(:flock);	use Fcntl qw(:flock);
use LONCAPA;	use LONCAPA;

Line 145 sub get_posted_cgi {	Line 144 sub get_posted_cgi {
# returns OK if it was a SSO and user was handled	# returns OK if it was a SSO and user was handled
# undef if not SSO or no means to hanle the user	# undef if not SSO or no means to hanle the user
sub sso_login {	sub sso_login {
my ($r,$lonid,$handle) = @_;	my ($r,$handle) = @_;

my $lonidsdir=$r->dir_config('lonIDsDir');	my $lonidsdir=$r->dir_config('lonIDsDir');
if (!($r->user	if (!($r->user
&& (!defined($env{'user.name'}) && !defined($env{'user.domain'}))	&& (!defined($env{'user.name'}) && !defined($env{'user.domain'}))
&& (!$lonid \|\| !-e "$lonidsdir/$handle.id" \|\| $handle eq ''))) {	&& ($handle eq ''))) {
# not an SSO case or already logged in	# not an SSO case or already logged in
return undef;	return undef;
}	}
Line 160 sub sso_login {	Line 159 sub sso_login {
my $domain = $r->dir_config('lonDefDomain');	my $domain = $r->dir_config('lonDefDomain');
my $home=&Apache::lonnet::homeserver($user,$domain);	my $home=&Apache::lonnet::homeserver($user,$domain);
if ($home !~ /(con_lost\|no_host\|no_such_host)/) {	if ($home !~ /(con_lost\|no_host\|no_such_host)/) {
	&Apache::lonnet::logthis(" SSO authorized user $user ");
if ($r->dir_config("lonBalancer") eq 'yes') {	if ($r->dir_config("lonBalancer") eq 'yes') {
# login but immeaditly go to switch server to find us a new	# login but immeaditly go to switch server to find us a new
# machine	# machine
&Apache::lonauth::success($r,$user,$domain,$home,'noredirect');	&Apache::lonauth::success($r,$user,$domain,$home,'noredirect');
$env{'request.sso.login'} = 1;	$env{'request.sso.login'} = 1;
	if (defined($r->dir_config("lonSSOReloginServer"))) {
	$env{'request.sso.reloginserver'} =
	$r->dir_config('lonSSOReloginServer');
	}
$r->internal_redirect('/adm/switchserver');	$r->internal_redirect('/adm/switchserver');
$r->set_handlers('PerlHandler'=> undef);	$r->set_handlers('PerlHandler'=> undef);
} else {	} else {
Line 176 sub sso_login {	Line 180 sub sso_login {
'server' => $r->dir_config('lonHostID'),	'server' => $r->dir_config('lonHostID'),
'sso.login' => 1	'sso.login' => 1
);	);
	if (defined($r->dir_config("lonSSOReloginServer"))) {
	$info{'sso.reloginserver'} =
	$r->dir_config('lonSSOReloginServer');
	}
my $token =	my $token =
&Apache::lonnet::tmpput(\%info,	&Apache::lonnet::tmpput(\%info,
$r->dir_config('lonHostID'));	$r->dir_config('lonHostID'));
Line 185 sub sso_login {	Line 193 sub sso_login {
}	}
return OK;	return OK;
} elsif (defined($r->dir_config('lonSSOUserUnknownRedirect'))) {	} elsif (defined($r->dir_config('lonSSOUserUnknownRedirect'))) {
	&Apache::lonnet::logthis(" SSO authorized unknown user $user ");
$r->subprocess_env->set('SSOUserUnknown' => $user);	$r->subprocess_env->set('SSOUserUnknown' => $user);
$r->subprocess_env->set('SSOUserDomain' => $domain);	$r->subprocess_env->set('SSOUserDomain' => $domain);
$r->internal_redirect($r->dir_config('lonSSOUserUnknownRedirect'));	$r->internal_redirect($r->dir_config('lonSSOUserUnknownRedirect'));
Line 197 sub sso_login {	Line 206 sub sso_login {
sub handler {	sub handler {
my $r = shift;	my $r = shift;
my $requrl=$r->uri;	my $requrl=$r->uri;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));	if (&Apache::lonnet::is_domainimage($requrl)) {
my $lonid=$cookies{'lonID'};	return OK;
my $cookie;
my $lonidsdir=$r->dir_config('lonIDsDir');

my $handle;
if ($lonid) {
$handle=&LONCAPA::clean_handle($lonid->value);
}	}

my $result = &sso_login($r,$lonid,$handle);
	my $handle = &Apache::lonnet::check_for_valid_session($r);

	my $result = &sso_login($r,$handle);
if (defined($result)) {	if (defined($result)) {
return $result	return $result
}	}
Line 220 sub handler {	Line 226 sub handler {

if ($handle eq '') {	if ($handle eq '') {
$r->log_reason("Cookie $handle not valid", $r->filename);	$r->log_reason("Cookie $handle not valid", $r->filename);
} elsif ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {	} elsif ($handle ne '') {

# ------------------------------------------------------ Initialize Environment	# ------------------------------------------------------ Initialize Environment
	my $lonidsdir=$r->dir_config('lonIDsDir');
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);	&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);

# --------------------------------------------------------- Initialize Language	# --------------------------------------------------------- Initialize Language
Line 274 sub handler {	Line 280 sub handler {
$env{'user.domain'};	$env{'user.domain'};
if ($requrl !~ /^\Q$start\E/) {	if ($requrl !~ /^\Q$start\E/) {
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
	return HTTP_NOT_ACCEPTABLE;
	}
	}
	if ($requrl =~ m\|^/zipspool/\|) {
	my $start='/zipspool/zipout/'.$env{'user.name'}.":".
	$env{'user.domain'};
	if ($requrl !~ /^\Q$start\E/) {
	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
return HTTP_NOT_ACCEPTABLE;	return HTTP_NOT_ACCEPTABLE;
}	}
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.105
changed lines
	Added in v.1.111