[BACK]Return to loncacc.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom / auth
File:  [LON-CAPA] / loncom / auth / loncacc.pm
Revision 1.8: download - view: text, annotated - select for diffs
Fri Sep 15 15:04:17 2000 UTC (23 years, 7 months ago) by www
Branches: MAIN
CVS tags: HEAD
Flush content length after reading POST parms

# The LearningOnline Network
# Cookie Based Access Handler for Construction Area
# (lonacc: 5/21/99,5/22,5/29,5/31 Gerd Kortemeyer)
# 6/15,16/11,22/11,
# 01/06,01/11,6/1 Gerd Kortemeyer

package Apache::loncacc;

use strict;
use Apache::Constants qw(:common :http :methods);
use Apache::File;
use CGI::Cookie();

sub handler {
    my $r = shift;
    my $requrl=$r->uri;
    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
    my $lonid=$cookies{'lonID'};
    my $cookie;
    if ($lonid) {
	my $handle=$lonid->value;
        $handle=~s/\W//g;
        my $lonidsdir=$r->dir_config('lonIDsDir');
        if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
            my $ownername=$requrl;
            $ownername=~s/\/\~(\w+).*/\1/;
            my $ownerdomain=$r->dir_config('lonDefDomain');
            my @handleparts=split(/\_/,$handle);
            my $username=$handleparts[0];
            my $domain=$handleparts[2];
            if (($username ne $ownername) || ($domain ne $ownerdomain)) {
                $r->log_reason
                   ("$username at $domain not authorized", $r->filename); 
	        return HTTP_NOT_ACCEPTABLE;
            }
            my @profile;
	    {
             my $idf=Apache::File->new("$lonidsdir/$handle.id");
             @profile=<$idf>;
	    }
            my $envi;
            for ($envi=0;$envi<=$#profile;$envi++) {
		chomp($profile[$envi]);
		my ($envname,$envvalue)=split(/=/,$profile[$envi]);
                $r->subprocess_env("$envname" => "$envvalue");
            }
            $r->subprocess_env("user.environment" => "$lonidsdir/$handle.id",
                               "request.state"    => "construct",
                               "request.filename" => $r->filename);
            my $buffer;

            $r->read($buffer,$r->header_in('Content-length'));
            my @pairs=split(/&/,$buffer);
            my $pair; my $name; my $value;
            foreach $pair (@pairs) {
               ($name,$value) = split(/=/,$pair);
               $value =~ tr/+/ /;
               $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
               $r->subprocess_env("form.$name" => $value);
            } 

            $r->method_number(M_GET);
	    $r->method('GET');
            $r->headers_in->unset('Content-length');

            return OK; 
        } else { 
            $r->log_reason("Cookie $handle not valid", $r->filename) 
        };
    }

# ----------------------------------------------- Store where they wanted to go

    $ENV{'request.firsturl'}=$requrl;
    return FORBIDDEN;
}

1;
__END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>