--- loncom/auth/lonauth.pm 2013/08/13 13:29:09 1.121.2.4
+++ loncom/auth/lonauth.pm 2014/01/05 11:38:43 1.121.2.8
@@ -1,7 +1,7 @@
# The LearningOnline Network
# User Authentication Module
#
-# $Id: lonauth.pm,v 1.121.2.4 2013/08/13 13:29:09 raeburn Exp $
+# $Id: lonauth.pm,v 1.121.2.8 2014/01/05 11:38:43 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -108,11 +108,11 @@ sub success {
}
$desturl = &HTML::Entities::encode($desturl,'"<>&');
$destsymb = &HTML::Entities::encode($destsymb,'"<>&');
- $destination .= '&destinationurl='.$desturl.
+ $destination .= 'destinationurl='.$desturl.
'&destsymb='.$destsymb;
} else {
$destsymb = &HTML::Entities::encode($destsymb,'"<>&');
- $destination .= '&destinationurl='.$destsymb;
+ $destination .= 'destinationurl='.$destsymb;
}
}
if ($destination =~ m{^/adm/roles}) {
@@ -171,19 +171,42 @@ ENDSUCCESS
sub failed {
my ($r,$message,$form) = @_;
- my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef);
- my $retry = '/adm/login?username='.$form->{'uname'}.
- '&domain='.$form->{'udom'};
+ (undef,undef,undef,my $clientmathml,my $clientunicode) =
+ &Apache::loncommon::decode_user_agent();
+ my $args = {};
+ if ($clientunicode && !$clientmathml) {
+ $args = {'browser.unicode' => 1};
+ }
+
+ my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef,$args);
+ my $uname = &Apache::loncommon::cleanup_html($form->{'uname'});
+ my $udom = &Apache::loncommon::cleanup_html($form->{'udom'});
+ if (&Apache::lonnet::domain($udom,'description') eq '') {
+ undef($udom);
+ }
+ my $retry = '/adm/login';
+ if ($uname eq $form->{'uname'}) {
+ $retry .= '?username='.$uname;
+ }
+ if ($udom) {
+ $retry .= (($retry=~/\?/)?'&':'?').'domain='.$udom;
+ }
if (exists($form->{role})) {
- $retry .= '&role='.$form->{role};
+ my $role = &Apache::loncommon::cleanup_html($form->{role});
+ if ($role ne '') {
+ $retry .= (($retry=~/\?/)?'&':'?').'role='.$role;
+ }
}
if (exists($form->{symb})) {
- $retry .= '&symb='.$form->{symb};
+ my $symb = &Apache::loncommon::cleanup_html($form->{symb});
+ if ($symb ne '') {
+ $retry .= (($retry=~/\?/)?'&':'?').'symb='.$symb;
+ }
}
- my $end_page = &Apache::loncommon::end_page();
+ my $end_page = &Apache::loncommon::end_page();
&Apache::loncommon::content_type($r,'text/html');
$r->send_http_header;
- my $loginhelp = &loginhelpdisplay($form->{'udom'});
+ my $loginhelp = &loginhelpdisplay($udom);
if ($loginhelp) {
$loginhelp = ''.&mt('Login problems?').'
';
}
@@ -205,9 +228,9 @@ sub reroute {
my ($r) = @_;
&Apache::loncommon::content_type($r,'text/html');
$r->send_http_header;
- my $msg=''.&mt('Sorry ...').'
'
+ my $msg=''.&mt('Sorry ...').'
'
.&mt('Please [_1]log in again[_2].');
- &Apache::loncommon::simple_error_page($r,'Rerouting',$msg);
+ &Apache::loncommon::simple_error_page($r,'Rerouting',$msg,{'no_auto_mt_msg' => 1});
}
# ---------------------------------------------------------------- Main handler
@@ -269,7 +292,7 @@ sub handler {
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
$form{$name}=$value;
- }
+ }
if ((!$form{'uname'}) || (!$form{'upass0'}) || (!$form{'udom'})) {
&failed($r,'Username, password and domain need to be specified.',
@@ -294,6 +317,12 @@ sub handler {
my $tmpinfo=Apache::lonnet::reply('tmpget:'.$form{'logtoken'},
$form{'serverid'});
+ my %sessiondata;
+ if ($form{'iptoken'}) {
+ %sessiondata = &Apache::lonnet::tmpget($form{'iptoken'});
+ my $delete = &Apache::lonnet::tmpdel($form{'token'});
+ }
+
if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost') ||
($tmpinfo eq 'no_such_host')) {
&failed($r,'Information needed to verify your login information is missing, inaccessible or expired.',\%form);
@@ -407,6 +436,15 @@ sub handler {
($firsturl=~/^\/adm\/(logout|remote)/)) {
$firsturl='/adm/roles';
}
+
+ my $hosthere;
+ if ($form{'iptoken'}) {
+ if (($sessiondata{'domain'} eq $form{'udom'}) &&
+ ($sessiondata{'username'} eq $form{'uname'})) {
+ $hosthere = 1;
+ }
+ }
+
# --------------------------------- Are we attempting to login as somebody else?
if ($form{'suname'}) {
# ------------ see if the original user has enough privileges to pull this stunt
@@ -430,8 +468,12 @@ sub handler {
}
}
- my ($is_balancer,$otherserver) =
- &Apache::lonnet::check_loadbalancing($form{'uname'},$form{'udom'});
+ my ($is_balancer,$otherserver);
+
+ unless ($hosthere) {
+ ($is_balancer,$otherserver) =
+ &Apache::lonnet::check_loadbalancing($form{'uname'},$form{'udom'});
+ }
if ($is_balancer) {
if (!$otherserver) {
@@ -440,7 +482,17 @@ sub handler {
if ($otherserver) {
&success($r,$form{'uname'},$form{'udom'},$authhost,'noredirect',undef,
\%form);
- $r->internal_redirect('/adm/switchserver?otherserver='.$otherserver.'&origurl='.$firsturl);
+ my $switchto = '/adm/switchserver?otherserver='.$otherserver;
+ if (($firsturl) && ($firsturl ne '/adm/switchserver') && ($firsturl ne '/adm/roles')) {
+ $switchto .= '&origurl='.$firsturl;
+ }
+ if ($form{'role'}) {
+ $switchto .= '&role='.$form{'role'};
+ }
+ if ($form{'symb'}) {
+ $switchto .= '&symb='.$form{'symb'};
+ }
+ $r->internal_redirect($switchto);
} else {
$r->print(&noswitch());
}
@@ -451,7 +503,17 @@ sub handler {
if ($otherserver) {
&success($r,$form{'uname'},$form{'udom'},$authhost,'noredirect',undef,
\%form);
- $r->internal_redirect('/adm/switchserver?otherserver='.$otherserver.'&origurl='.$firsturl);
+ my $switchto = '/adm/switchserver?otherserver='.$otherserver;
+ if (($firsturl) && ($firsturl ne '/adm/switchserver') && ($firsturl ne '/adm/roles')) {
+ $switchto .= '&origurl='.$firsturl;
+ }
+ if ($form{'role'}) {
+ $switchto .= '&role='.$form{'role'};
+ }
+ if ($form{'symb'}) {
+ $switchto .= '&symb='.$form{'symb'};
+ }
+ $r->internal_redirect($switchto);
} else {
$r->print(&noswitch());
}