--- loncom/auth/lonauth.pm	2019/08/03 22:45:30	1.121.2.18
+++ loncom/auth/lonauth.pm	2020/05/02 15:29:40	1.121.2.19
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # User Authentication Module
 #
-# $Id: lonauth.pm,v 1.121.2.18 2019/08/03 22:45:30 raeburn Exp $
+# $Id: lonauth.pm,v 1.121.2.19 2020/05/02 15:29:40 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -45,7 +45,7 @@ use Digest::MD5;
 # ------------------------------------------------------------ Successful login
 sub success {
     my ($r, $username, $domain, $authhost, $lowerurl, $extra_env,
-	$form) = @_;
+	$form,$cid) = @_;
 
 # ------------------------------------------------------------ Get cookie ready
     my $cookie =
@@ -117,16 +117,26 @@ sub success {
     }
     if (defined($form->{symb})) {
         my $destsymb = $form->{symb};
+        my $encrypted;
+        if ($destsymb =~ m{^/enc/}) {
+            $encrypted = 1;
+            if ($cid) {
+                $destsymb = &Apache::lonenc::unencrypted($destsymb,$cid);
+            }
+        }
         $destination  .= ($destination =~ /\?/) ? '&' : '?';
         if ($destsymb =~ /___/) {
-            # FIXME Need to deal with encrypted symbs and urls as needed.
             my ($map,$resid,$desturl)=split(/___/,$destsymb);
             $desturl = &Apache::lonnet::clutter($desturl);
+            if ($encrypted) {
+                $desturl = &Apache::lonenc::encrypted($desturl,1,$cid);
+                $destsymb = $form->{symb};
+            }
             $desturl = &HTML::Entities::encode($desturl,'"<>&');
             $destsymb = &HTML::Entities::encode($destsymb,'"<>&');
             $destination .= 'destinationurl='.$desturl.
                             '&destsymb='.$destsymb;
-        } else {
+        } elsif (!$encrypted) {
             $destsymb = &HTML::Entities::encode($destsymb,'"<>&');
             $destination .= 'destinationurl='.$destsymb;
         }