--- loncom/auth/lonauth.pm	2009/07/22 21:51:03	1.101
+++ loncom/auth/lonauth.pm	2010/08/18 19:39:42	1.101.8.3
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # User Authentication Module
 #
-# $Id: lonauth.pm,v 1.101 2009/07/22 21:51:03 raeburn Exp $
+# $Id: lonauth.pm,v 1.101.8.3 2010/08/18 19:39:42 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -209,23 +209,33 @@ sub handler {
 # -------------------------------- Prevent users from attempting to login twice
     my $handle = &Apache::lonnet::check_for_valid_session($r);
     if ($handle ne '') {
+        my $lonidsdir=$r->dir_config('lonIDsDir');
+        if ($handle=~/^publicuser\_/) {
+# For "public user" - remove it, we apparently really want to login
+            unlink($r->dir_config('lonIDsDir')."/$handle.id");
+        } else {
 # Indeed, a valid token is found
-	&Apache::loncommon::content_type($r,'text/html');
-	$r->send_http_header;
-	my $start_page = 
-	    &Apache::loncommon::start_page('Already logged in');
-	my $end_page = 
-	    &Apache::loncommon::end_page();
-        $r->print(
-           $start_page
-          .'<h1>'.&mt('You are already logged in!').'</h1>'
-          .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].'
-                    ,'<a href="/adm/roles">','</a>','<a href="/adm/logout">','</a>')
-          .'</p>'
-          .'<p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>'
-          .$end_page
-        );
-        return OK;
+            &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
+            &Apache::loncommon::content_type($r,'text/html');
+            $r->send_http_header;
+            my $start_page =
+                &Apache::loncommon::start_page('Already logged in');
+            my $end_page =
+                &Apache::loncommon::end_page();
+            my $dest = '/adm/roles';
+            if ($env{'form.firsturl'} ne '') {
+                $dest = $env{'form.firsturl'};
+            }
+            $r->print(
+               $start_page
+              .'<h1>'.&mt('You are already logged in!').'</h1>'
+              .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].'
+                    ,'<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>')
+              .'</p>'
+              .$end_page
+            );
+            return OK;
+        }
     }
 
 # ---------------------------------------------------- No valid token, continue
@@ -336,8 +346,10 @@ sub handler {
     if (grep(/^login$/,@cancreate)) {
         $defaultauth = 1;
     }
+    my $clientcancheckhost = 1;
     my $authhost=Apache::lonnet::authenticate($form{'uname'},$upass,
-                                              $form{'udom'},$defaultauth);
+                                              $form{'udom'},$defaultauth,
+                                              $clientcancheckhost);
     
 # --------------------------------------------------------------------- Failed?
 
@@ -349,10 +361,11 @@ sub handler {
         my %domconfig = 
             &Apache::lonnet::get_dom('configuration',['usercreation'],$form{'udom'});
         if (grep(/^login$/,@cancreate)) {
+            my $domdesc = &Apache::lonnet::domain($form{'udom'},'description');
+            &check_can_host($r,\%form,'no_account_on_host',$domdesc);
             my $start_page = 
                 &Apache::loncommon::start_page('Create a user account in LON-CAPA',
                                                '',{'no_inline_link'   => 1,});
-            my $domdesc = &Apache::lonnet::domain($form{'udom'},'description');
             my $lonhost = $r->dir_config('lonHostID');
             my $origmail = $Apache::lonnet::perlvar{'lonSupportEMail'};
             my $contacts = 
@@ -402,10 +415,13 @@ sub handler {
 	}
     }
 
+    &check_can_host($r,\%form,$authhost);
+
     if ($r->dir_config("lonBalancer") eq 'yes') {
 	&success($r,$form{'uname'},$form{'udom'},$authhost,'noredirect',undef,
 		 \%form);
-	$r->internal_redirect('/adm/switchserver');
+        my ($otherserver) = &Apache::lonnet::choose_server($form{'udom'});
+	$r->internal_redirect('/adm/switchserver?otherserver='.$otherserver);
     } else {
 	&success($r,$form{'uname'},$form{'udom'},$authhost,$firsturl,undef,
 		 \%form);
@@ -413,6 +429,68 @@ sub handler {
     return OK;
 }
 
+sub check_can_host {
+    my ($r,$form,$authhost,$domdesc) = @_;
+    return unless (ref($form) eq 'HASH');
+    my $canhost = 1;
+    my $lonhost = $r->dir_config('lonHostID');
+    my $udom = $form->{'udom'};
+    my @intdoms;
+    my $internet_names = &Apache::lonnet::get_internet_names($lonhost);
+    if (ref($internet_names) eq 'ARRAY') {
+        @intdoms = @{$internet_names};
+    }
+    my $uprimary_id = &Apache::lonnet::domain($udom,'primary');
+    my $uint_dom = &Apache::lonnet::internet_dom($uprimary_id);
+    unless ($uint_dom ne '' && grep(/^\Q$uint_dom\E$/,@intdoms)) {
+        my $machine_dom = &Apache::lonnet::host_domain($lonhost);
+        my $hostname = &Apache::lonnet::hostname($lonhost);
+        my $serverhomeID = &Apache::lonnet::get_server_homeID($hostname);
+        my $serverhomedom = &Apache::lonnet::host_domain($serverhomeID);
+        my %defdomdefaults = &Apache::lonnet::get_domain_defaults($serverhomedom);
+        my %udomdefaults = &Apache::lonnet::get_domain_defaults($udom);
+        my $loncaparev;
+        if ($authhost eq 'no_account_on_host') {
+            $loncaparev = &Apache::lonnet::get_server_loncaparev($machine_dom);
+        } else {
+            $loncaparev = &Apache::lonnet::get_server_loncaparev($machine_dom,$lonhost);
+        }
+        $canhost = &Apache::lonnet::can_host_session($udom,$lonhost,$loncaparev,
+                                                     $udomdefaults{'remotesessions'},
+                                                     $defdomdefaults{'hostedsessions'});
+    }
+    unless ($canhost) {
+        if ($authhost eq 'no_account_on_host') {
+            my ($login_host,$hostname) = &Apache::lonnet::choose_server($udom);
+            &Apache::loncommon::content_type($r,'text/html');
+            $r->send_http_header;
+            if ($login_host ne '') {
+                my $protocol = $Apache::lonnet::protocol{$login_host};
+                $protocol = 'http' if ($protocol ne 'https');
+                my $newurl = $protocol.'://'.$hostname.'/adm/createaccount';
+                $r->print(&Apache::loncommon::start_page('Create a user account in LON-CAPA').
+                          '<h3>'.&mt('Account creation').'</h3>'.
+                          &mt('You do not currently have a LON-CAPA account at this institution.').'<br />'.
+                          '<p>'.&mt('You will be able to create one by logging into a LON-CAPA server within the [_1] domain.',$domdesc).'</p>'.
+                          '<p>'.&mt('[_1]Log in[_2]','<a href="'.$newurl.'">','</a>').
+                          &Apache::loncommon::end_page());
+            } else {
+                $r->print(&Apache::loncommon::start_page('Access to LON-CAPA unavailable').
+                          '<h3>'.&mt('Account creation unavailable').'</h3>'.
+                          &mt('You do not currently have a LON-CAPA account at this institution.').'<br />'.
+                          '<p>'.&mt('Currently a LON-CAPA server is not available within the [_1] domain for you to log-in to, to create an account.',$domdesc).'</p>'.
+                          &Apache::loncommon::end_page());
+            }
+            return OK;
+        } else {
+            &success($r,$form->{'uname'},$udom,$authhost,'noredirect',undef,
+                     $form);
+            my ($otherserver) = &Apache::lonnet::choose_server($udom);
+            $r->internal_redirect('/adm/switchserver?otherserver='.$otherserver);
+        }
+    }
+}
+
 1;
 __END__