--- loncom/auth/lonacc.pm	2006/08/29 20:04:41	1.93
+++ loncom/auth/lonacc.pm	2006/08/30 16:50:23	1.94
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.93 2006/08/29 20:04:41 albertel Exp $
+# $Id: lonacc.pm,v 1.94 2006/08/30 16:50:23 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -137,6 +137,53 @@ sub get_posted_cgi {
     $r->headers_in->unset('Content-length');
 }
 
+# handle the case of the single sign on user, at this point $r->user 
+# will be set and valid now need to find the loncapa user info and possibly
+# balance them
+# returns OK if it was a SSO and user was handled
+#         undef if not SSO or no means to hanle the user
+sub sso_login {
+    my ($r,$lonid,$handle) = @_;
+
+    my $lonidsdir=$r->dir_config('lonIDsDir');
+    if (!($r->user 
+	  && (!defined($env{'user.name'}) && !defined($env{'user.domain'}))
+	  && (!$lonid || !-e "$lonidsdir/$handle.id" || $handle eq ''))) {
+	# not an SSO case or already logged in
+	return undef;
+    }
+
+    my $domain = $r->dir_config('lonDefDomain');
+    my $home=&Apache::lonnet::homeserver($r->user,$domain);
+    if ($home !~ /(con_lost|no_host|no_such_host)/) {
+	if ($r->dir_config("lonBalancer") eq 'yes') {
+	    # login but immeaditly go to switch server to find us a new 
+	    # machine
+	    &Apache::lonauth::success($r,$r->user,$domain,$home,'noredirect');
+	    $r->internal_redirect('/adm/switchserver');
+	} else {
+	    # need to login them in, so generate the need data that
+	    # migrate expects to do login
+	    my %info=('ip'        => $r->connection->remote_ip(),
+		      'domain'    => $domain,
+		      'username'  => $r->user,
+		      'server'    => $r->dir_config('lonHostID'),
+		      'sso.login' => 1
+		      );
+	    my $token = 
+		&Apache::lonnet::tmpput(\%info,
+					$r->dir_config('lonHostID'));
+	    $env{'form.token'} = $token;
+	    $r->internal_redirect('/adm/migrateuser');
+	}
+	return OK;
+    } elsif (defined($r->dir_config('lonSSOUserUnkownRedirect'))) {
+	$r->internal_redirect($r->dir_config('lonSSOUserUnkownRedirect'));
+	return OK;
+    }
+    return undef;
+}
+
 sub handler {
     my $r = shift;
     my $requrl=$r->uri;
@@ -151,32 +198,11 @@ sub handler {
         $handle=~s/\W//g;
     }
 
-    my ($sso_login);
-    if ($r->user 
-	#&& $r->user ne 'lonadm'
-	&& (!$lonid || !-e "$lonidsdir/$handle.id" || $handle eq '') ) {
-	&Apache::lonnet::logthis("$handle and -e ".(-e "$lonidsdir/$handle.id"));
-
-	my $domain = $r->dir_config('lonDefDomain');
-	my $home=&Apache::lonnet::homeserver($r->user,$domain);
-	if ($home !~ /(con_lost|no_host|no_such_host)/) {
-	    my %info=('ip'        => $r->connection->remote_ip(),
-		      'domain'    => $domain,
-		      'username'  => $r->user,
-		      'server'    => $r->dir_config('lonHostID'),
-		      'sso.login' => 1
-		      );
-	    my $token = &Apache::lonnet::tmpput(\%info,
-						$r->dir_config('lonHostID'));
-	    $env{'form.token'} = $token;
-	    $r->internal_redirect('/adm/migrateuser');
-	    return OK;
-	} elsif (defined($r->dir_config('lonSSOUserUnkownRedirect'))) {
-	    $r->internal_redirect($r->dir_config('lonSSOUserUnkownRedirect'));
-	    return OK;
-	}
+    if (my $result = &sso_login($r,$lonid,$handle)) {
+	return $result
     }
 
+
     if ($r->dir_config("lonBalancer") eq 'yes') {
 	$r->set_handlers('PerlResponseHandler'=>
 			 [\&Apache::switchserver::handler]);