--- loncom/auth/lonauth.pm 2012/02/06 03:27:59 1.101.8.9.2.1
+++ loncom/auth/lonauth.pm 2011/05/13 01:33:02 1.112
@@ -1,7 +1,7 @@
# The LearningOnline Network
# User Authentication Module
#
-# $Id: lonauth.pm,v 1.101.8.9.2.1 2012/02/06 03:27:59 raeburn Exp $
+# $Id: lonauth.pm,v 1.112 2011/05/13 01:33:02 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -40,7 +40,7 @@ use Apache::lonmenu();
use Apache::createaccount;
use Fcntl qw(:flock);
use Apache::lonlocal;
-use Apache::File();
+use Apache::File ();
use HTML::Entities;
# ------------------------------------------------------------ Successful login
@@ -82,9 +82,13 @@ sub success {
my $now=time;
my $then=$env{'user.login.time'};
my $refresh=$env{'user.refresh.time'};
+ my $update=$env{'user.update.time'};
+ if (!$update) {
+ $update = $then;
+ }
if (exists($env{$envkey})) {
my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus);
- &Apache::lonnet::role_status($envkey,$then,$refresh,$now,\$role,\$where,
+ &Apache::lonnet::role_status($envkey,$update,$refresh,$now,\$role,\$where,
\$trolecode,\$tstatus,\$tstart,\$tend);
if ($tstatus eq 'is') {
$destination .= ($destination =~ /\?/) ? '&' : '?';
@@ -111,24 +115,21 @@ sub success {
$destination .= '&destinationurl='.$destsymb;
}
}
+ if ($destination =~ m{^/adm/roles}) {
+ $destination .= ($destination =~ /\?/) ? '&' : '?';
+ $destination .= 'source=login';
+ }
- my $windowinfo=&Apache::lonmenu::open($env{'browser.os'});
- my $startupremote=&Apache::lonmenu::startupremote($destination);
- my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl);
- my $setflags=&Apache::lonmenu::setflags();
- my $maincall=&Apache::lonmenu::maincall();
+ my $windowinfo = Apache::lonhtmlcommon::scripttag('self.name="loncapaclient";');
+ my $header = '';
my $brcrum = [{'href' => '',
'text' => 'Successful Login'},];
my $start_page=&Apache::loncommon::start_page('Successful Login',
- $startupremote,
- {'no_inline_link' => 1,
- 'bread_crumbs' => $brcrum,});
+ $header,
+ {'bread_crumbs' => $brcrum,});
my $end_page =&Apache::loncommon::end_page();
- my $continuelink;
- if ($env{'environment.remote'} eq 'off') {
- $continuelink=''.&mt('Continue').'';
- }
+ my $continuelink=''.&mt('Continue').'';
# ------------------------------------------------- Output for successful login
&Apache::loncommon::content_type($r,'text/html');
@@ -140,16 +141,13 @@ sub success {
'pro' => 'Login problems?',
'log' => 'loginproblems.html',
);
- my $welcome = &mt('Welcome to the Learning[_1]Online[_2] Network with CAPA. Please wait while your session is being set up.','','');
+ my $welcome = &mt('Welcome to the Learning[_1]Online[_2] Network with CAPA. Please wait while your session is being set up.','','');
$r->print(<$lt{'wel'}
$welcome
$lt{'pro'}
-$remoteinfo
-$maincall
$continuelink
$end_page
ENDSUCCESS
@@ -159,8 +157,7 @@ ENDSUCCESS
sub failed {
my ($r,$message,$form) = @_;
- my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef,
- {'no_inline_link' => 1,});
+ my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef);
my $retry = '/adm/login?username='.$form->{'uname'}.
'&domain='.$form->{'udom'};
if (exists($form->{role})) {
@@ -217,12 +214,12 @@ sub handler {
} else {
# Indeed, a valid token is found
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
- &Apache::loncommon::content_type($r,'text/html');
- $r->send_http_header;
- my $start_page =
- &Apache::loncommon::start_page('Already logged in');
- my $end_page =
- &Apache::loncommon::end_page();
+ &Apache::loncommon::content_type($r,'text/html');
+ $r->send_http_header;
+ my $start_page =
+ &Apache::loncommon::start_page('Already logged in');
+ my $end_page =
+ &Apache::loncommon::end_page();
my $dest = '/adm/roles';
if ($env{'form.firsturl'} ne '') {
$dest = $env{'form.firsturl'};
@@ -277,8 +274,7 @@ sub handler {
my $tmpinfo=Apache::lonnet::reply('tmpget:'.$form{'logtoken'},
$form{'serverid'});
- if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost') ||
- ($tmpinfo eq 'no_such_host')) {
+ if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost')) {
&failed($r,'Information needed to verify your login information is missing, inaccessible or expired.',\%form);
return OK;
} else {
@@ -332,47 +328,63 @@ sub handler {
}
# ---------------------------------------------------------------- Authenticate
-
+ my @cancreate;
my %domconfig = &Apache::lonnet::get_dom('configuration',['usercreation'],$form{'udom'});
- my ($cancreate,$statustocreate) =
- &Apache::createaccount::get_creation_controls($form{'udom'},$domconfig{'usercreation'});
- my $defaultauth;
- if (ref($cancreate) eq 'ARRAY') {
- if (grep(/^login$/,@{$cancreate})) {
- $defaultauth = 1;
+ if (ref($domconfig{'usercreation'}) eq 'HASH') {
+ if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') {
+ if (ref($domconfig{'usercreation'}{'cancreate'}{'selfcreate'}) eq 'ARRAY') {
+ @cancreate = @{$domconfig{'usercreation'}{'cancreate'}{'selfcreate'}};
+ } elsif (($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne 'none') &&
+ ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne '')) {
+ @cancreate = ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'});
+ }
}
}
+ my $defaultauth;
+ if (grep(/^login$/,@cancreate)) {
+ $defaultauth = 1;
+ }
my $clientcancheckhost = 1;
- my $uname = $form{'uname'};
- my $authhost=Apache::lonnet::authenticate($uname,$upass,
+ my $authhost=Apache::lonnet::authenticate($form{'uname'},$upass,
$form{'udom'},$defaultauth,
$clientcancheckhost);
# --------------------------------------------------------------------- Failed?
if ($authhost eq 'no_host') {
- my $lc_uname = lc($uname);
- if ($uname eq $lc_uname) {
- &failed($r,'Username and/or password could not be authenticated.',
- \%form);
- return OK;
- } else {
- $authhost=Apache::lonnet::authenticate($lc_uname,$upass,
- $form{'udom'},$defaultauth);
- if ($authhost eq 'no_host') {
- &failed($r,'Username (in lower case) and/or password could not be authenticated.',
- \%form);
- return OK;
- } elsif ($authhost eq 'no_account_on_host') {
- &create_account($r,\%form,\@cancreate,$lc_uname,$contact_name);
+ &failed($r,'Username and/or password could not be authenticated.',
+ \%form);
+ return OK;
+ } elsif ($authhost eq 'no_account_on_host') {
+ my %domconfig =
+ &Apache::lonnet::get_dom('configuration',['usercreation'],$form{'udom'});
+ if (grep(/^login$/,@cancreate)) {
+ my $domdesc = &Apache::lonnet::domain($form{'udom'},'description');
+ unless (&check_can_host($r,\%form,'no_account_on_host',$domdesc)) {
return OK;
- } else {
- $form{'uname'} = $lc_uname;
}
+ my $start_page =
+ &Apache::loncommon::start_page('Create a user account in LON-CAPA');
+ my $lonhost = $r->dir_config('lonHostID');
+ my $origmail = $Apache::lonnet::perlvar{'lonSupportEMail'};
+ my $contacts =
+ &Apache::loncommon::build_recipient_list(undef,'helpdeskmail',
+ $form{'udom'},$origmail);
+ my ($contact_email) = split(',',$contacts);
+ my $output = &Apache::createaccount::username_check($form{'uname'},
+ $form{'udom'},$domdesc,'',
+ $lonhost,$contact_email,$contact_name);
+ &Apache::loncommon::content_type($r,'text/html');
+ $r->send_http_header;
+ &Apache::createaccount::print_header($r,$start_page);
+ $r->print(''.&mt('Account creation').'
'.
+ &mt('Although your username and password were authenticated, you do not currently have a LON-CAPA account at this institution.').'
'.
+ $output.&Apache::loncommon::end_page());
+ return OK;
+ } else {
+ &failed($r,'Although your username and password were authenticated, you do not currently have a LON-CAPA account in this domain, and you are not permitted to create one.',\%form);
+ return OK;
}
- } elsif ($authhost eq 'no_account_on_host') {
- &create_account($r,\%form,\@cancreate,$uname,$contact_name);
- return OK;
}
if (($firsturl eq '') ||
@@ -402,31 +414,17 @@ sub handler {
}
}
+ unless (&check_can_host($r,\%form,$authhost)) {
+ return OK;
+ }
+
if ($r->dir_config("lonBalancer") eq 'yes') {
- my $otherserver = &Apache::lonnet::spareserver(30000,undef,1,$form{'udom'});
- if (!$otherserver) {
- ($otherserver) = &Apache::lonnet::choose_server($form{'udom'});
- }
- if ($otherserver) {
- &success($r,$form{'uname'},$form{'udom'},$authhost,'noredirect',undef,
- \%form);
- $r->internal_redirect('/adm/switchserver?otherserver='.$otherserver.'&origurl='.$firsturl);
- } else {
- $r->print(&noswitch());
- }
+ &success($r,$form{'uname'},$form{'udom'},$authhost,'noredirect',undef,
+ \%form);
+ my ($otherserver) = &Apache::lonnet::choose_server($form{'udom'});
+ $r->internal_redirect('/adm/switchserver?otherserver='.$otherserver.'&origurl='.$firsturl);
return OK;
} else {
- if (!&check_can_host($r,\%form,$authhost)) {
- my ($otherserver) = &Apache::lonnet::choose_server($form{'udom'});
- if ($otherserver) {
- &success($r,$form{'uname'},$form{'udom'},$authhost,'noredirect',undef,
- \%form);
- $r->internal_redirect('/adm/switchserver?otherserver='.$otherserver.'&origurl='.$firsturl);
- } else {
- $r->print(&noswitch());
- }
- return OK;
- }
# ------------------------------------------------------- Do the load balancing
# ---------------------------------------------------------- Determine own load
@@ -443,9 +441,6 @@ sub handler {
# ---------------------------------------------------------- Are we overloaded?
if ((($userloadpercent>100.0)||($loadpercent>100.0))) {
my $unloaded=Apache::lonnet::spareserver($loadpercent,$userloadpercent,1,$form{'udom'});
- if (!$unloaded) {
- ($unloaded) = &Apache::lonnet::choose_server($form{'udom'});
- }
if ($unloaded) {
&success($r,$form{'uname'},$form{'udom'},$authhost,'noredirect',
undef,\%form);
@@ -491,9 +486,7 @@ sub check_can_host {
}
unless ($canhost) {
if ($authhost eq 'no_account_on_host') {
- my $checkloginvia = 1;
- my ($login_host,$hostname) =
- &Apache::lonnet::choose_server($udom,$checkloginvia);
+ my ($login_host,$hostname) = &Apache::lonnet::choose_server($udom);
&Apache::loncommon::content_type($r,'text/html');
$r->send_http_header;
if ($login_host ne '') {
@@ -523,47 +516,6 @@ sub check_can_host {
return $canhost;
}
-sub noswitch {
- my $result = &Apache::loncommon::start_page('Access to LON-CAPA unavailable').
- ''.&mt('Session unavailable').'
'.
- &mt('This LON-CAPA server is unable to host your session.').'
'.
- ''.&mt('Currently no other LON-CAPA server is available to host your session either.').'
'.
- &Apache::loncommon::end_page();
- return $result;
-}
-
-sub create_account {
- my ($r,$form,$cancreate,$uname,$contact_name) = @_;
- return unless((ref($form) eq 'HASH') && (ref($cancreate) eq 'ARRAY'));
- my %domconfig =
- &Apache::lonnet::get_dom('configuration',['usercreation'],$form->{'udom'});
- if (&check_can_host($r,\%form,'no_account_on_host',$domdesc)) {
- my $start_page =
- &Apache::loncommon::start_page('Create a user account in LON-CAPA',
- '',{'no_inline_link' => 1,});
- my $domdesc = &Apache::lonnet::domain($form->{'udom'},'description');
- my $lonhost = $r->dir_config('lonHostID');
- my $origmail = $Apache::lonnet::perlvar{'lonSupportEMail'};
- my $contacts =
- &Apache::loncommon::build_recipient_list(undef,'helpdeskmail',
- $form->{'udom'},$origmail);
- my ($contact_email) = split(',',$contacts);
- my $output =
- &Apache::createaccount::username_check($uname,$form->{'udom'},
- $domdesc,'',$lonhost,
- $contact_email,$contact_name);
- &Apache::loncommon::content_type($r,'text/html');
- $r->send_http_header;
- &Apache::createaccount::print_header($r,$start_page);
- $r->print(''.&mt('Account creation').'
'.
- &mt('Although your username and password were authenticated, you do not currently have a LON-CAPA account at this institution.').'
'.
- $output.&Apache::loncommon::end_page());
- } else {
- &failed($r,'Although your username and password were authenticated, you do not currently have a LON-CAPA account in this domain, and you are not permitted to create one.',$form);
- }
- return;
-}
-
1;
__END__