--- loncom/auth/lonauth.pm 2019/08/01 00:42:34 1.121.2.17 +++ loncom/auth/lonauth.pm 2019/08/03 22:45:30 1.121.2.18 @@ -1,7 +1,7 @@ # The LearningOnline Network # User Authentication Module # -# $Id: lonauth.pm,v 1.121.2.17 2019/08/01 00:42:34 raeburn Exp $ +# $Id: lonauth.pm,v 1.121.2.18 2019/08/03 22:45:30 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -40,6 +40,7 @@ use Fcntl qw(:flock); use Apache::lonlocal; use Apache::File(); use HTML::Entities; +use Digest::MD5; # ------------------------------------------------------------ Successful login sub success { @@ -70,8 +71,27 @@ sub success { } } -# ------------------------------------------------------------ Get cookie ready - $cookie="lonID=$cookie; path=/; HttpOnly"; +# ------------------------------------------------------------ Get cookies ready + my ($securecookie,$defaultcookie); + my $ssl = $r->subprocess_env('https'); + if ($ssl) { + $securecookie="lonSID=$cookie; path=/; HttpOnly; secure"; + my $lonidsdir=$r->dir_config('lonIDsDir'); + if (($lonidsdir) && (-e "$lonidsdir/$cookie.id")) { + my $linkname=substr(Digest::MD5::md5_hex(Digest::MD5::md5_hex(time(). {}. rand(). $$)), 0, 32).'_linked'; + if (-e "$lonidsdir/$linkname.id") { + unlink("$lonidsdir/$linkname.id"); + } + my $made_symlink = eval { symlink("$lonidsdir/$cookie.id", + "$lonidsdir/$linkname.id"); 1 }; + if ($made_symlink) { + $defaultcookie = "lonLinkID=$linkname; path=/; HttpOnly;"; + &Apache::lonnet::appenv({'user.linkedenv' => $linkname}); + } + } + } else { + $defaultcookie = "lonID=$cookie; path=/; HttpOnly;"; + } # -------------------------------------------------------- Menu script and info my $destination = $lowerurl; 
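Review bot: `$made_symlink` is true whenever `symlink` is implemented on the platform, because the `eval` block ends in `; 1` and discards the call's own return value, so a link that fails (permissions, a full filesystem) still sets `lonLinkID` and records `user.linkedenv` for a file that does not exist. Test the result itself, e.g. `my $made_symlink = eval { symlink("$lonidsdir/$cookie.id","$lonidsdir/$linkname.id") };`, which is false both when the call fails and when `symlink` is unsupported. Separately, `$linkname` is the only secret behind a cookie that is sent without `secure`, yet it is built from `time()`, a reference address, `rand()` and `$$`; running MD5 twice over those adds no entropy, and `substr(...,0,32)` is a no-op on a 32-character hex digest. The name should be drawn from the OS CSPRNG instead. `success` begins and ends outside this hunk, so how `$cookie` is generated and validated before it reaches the `-e "$lonidsdir/$cookie.id"` test cannot be checked from here.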
@@ -136,7 +156,12 @@ sub success { # ------------------------------------------------- Output for successful login &Apache::loncommon::content_type($r,'text/html'); - $r->header_out('Set-cookie' => $cookie); + if ($securecookie) { + $r->headers_out->add('Set-cookie' => $securecookie); + } + if ($defaultcookie) { + $r->headers_out->add('Set-cookie' => $defaultcookie); + } $r->send_http_header; my %lt=&Apache::lonlocal::texthash(
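Review bot: The two `headers_out->add` calls have no comment saying why `add` replaced `header_out`, and a later cleanup that switches back to a set-style call would silently drop one of the two cookies. A one-line comment above the first `if` would pin that down, for example `# add(), not set(): lonSID and lonLinkID must go out as separate Set-cookie headers`. It would also help to state there that on HTTPS `$defaultcookie` is only defined when the link file was created, so a response carrying `lonSID` alone is an expected outcome. The rest of `success` lies outside this hunk.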