Annotation of loncom/auth/lonracc.pm, revision 1.23

1.1       albertel    1: # The LearningOnline Network
                      2: # Access Handler for File Transfers
1.3       www         3: #
1.23    ! jms         4: # $Id: lonracc.pm,v 1.22 2007/03/02 23:43:29 albertel Exp $
1.3       www         5: #
                      6: # Copyright Michigan State University Board of Trustees
                      7: #
                      8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                      9: #
                     10: # LON-CAPA is free software; you can redistribute it and/or modify
                     11: # it under the terms of the GNU General Public License as published by
                     12: # the Free Software Foundation; either version 2 of the License, or
                     13: # (at your option) any later version.
                     14: #
                     15: # LON-CAPA is distributed in the hope that it will be useful,
                     16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     18: # GNU General Public License for more details.
                     19: #
                     20: # You should have received a copy of the GNU General Public License
                     21: # along with LON-CAPA; if not, write to the Free Software
                     22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     23: #
                     24: # /home/httpd/html/adm/gpl.txt
                     25: #
                     26: # http://www.lon-capa.org/
                     27: #
1.1       albertel   28: 
1.23    ! jms        29: =pod
        !            30: 
        !            31: =head1 NAME
        !            32: 
        !            33: Apache::lonracc - Access Handler for File Transfers
        !            34: 
        !            35: =head1 SYNOPSIS
        !            36: 
        !            37: Invoked by /etc/httpd/conf/loncapa.conf:
        !            38: 
        !            39:  <LocationMatch "^/raw.*">
        !            40:  PerlAccessHandler Apache::lonracc
        !            41:  </LocationMatch>
        !            42: 
        !            43: =head1 INTRODUCTION
        !            44: 
        !            45: This module enables authentication for file transfers and works
        !            46: against the /res tree.
        !            47: 
        !            48: Only lond invokes the /raw namespace through its subscribe function.
        !            49: 
        !            50: This is part of the LearningOnline Network with CAPA project
        !            51: described at http://www.lon-capa.org.
        !            52: 
        !            53: =head1 HANDLER SUBROUTINE
        !            54: 
        !            55: This routine is called by Apache and mod_perl.
        !            56: 
        !            57: =over 4
        !            58: 
        !            59: =item *
        !            60: 
        !            61: Determine requesting host
        !            62: 
        !            63: =item *
        !            64: 
        !            65: See whether or not the requesting host is subscribed.
        !            66: 
        !            67: =item *
        !            68: 
        !            69: Respond with the status of the request, and make a log entry when
        !            70: access is denied.
        !            71: 
        !            72: =back
        !            73: 
        !            74: =cut
        !            75: 
1.1       albertel   76: package Apache::lonracc;
                     77: 
                     78: use strict;
                     79: use Apache::Constants qw(:common :remotehost);
1.17      albertel   80: use Apache::lonnet;
1.1       albertel   81: use Apache::File();
1.14      albertel   82: use IO::Socket;
1.1       albertel   83: 
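# Decide whether host $id is listed as a subscriber of $filename.
#
# Arguments:
#   $filename - filesystem path of the requested resource; the subscriber
#               list is read from "$filename.subscription"
#   $id       - host id of the requesting machine
#
# Returns 1 if some line of the subscription file begins with "<id>:<ip>:",
# where <ip> is the dotted-quad form of the first address gethostbyname()
# reports for the name Apache::lonnet::hostname() returns for $id.
# Returns 0 in every other case (no subscription file, failed lookup,
# address that is not 4 bytes long, unreadable file, no matching line),
# so every failure path denies.
sub subscribed {
    my ($filename,$id) = @_;

    my $subfile = "$filename.subscription";
    return 0 if (!-e $subfile);

    my $hostname = Apache::lonnet::hostname($id);

    # Only the first address in the lookup result is examined.
    # NOTE(review): a host with several addresses matches only if the
    # subscription line carries that first address - confirm this is intended.
    my (undef,undef,undef,undef,$ip) = gethostbyname($hostname);

    # Fail closed when the lookup returned nothing or a non-IPv4 address;
    # inet_ntoa() below needs exactly 4 packed bytes.
    return 0 if (!defined($ip) || length($ip) != 4);

    $ip = inet_ntoa($ip);

    # quotemeta() keeps the dots of the address, and any metacharacter in
    # the id, literal; the trailing ':' stops "1.2.3.4" matching "1.2.3.40".
    my $expr  = '^'.quotemeta($id).':'.quotemeta($ip).':';
    my $match = qr/$expr/;

    my $found = 0;
    if (my $sh = Apache::File->new($subfile)) {
        while (my $subline = <$sh>) {
            if ($subline =~ $match) {
                $found = 1;
                last;    # one matching line is enough; skip the rest of the file
            }
        }
        $sh->close();
    }
    return $found;
}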
                    105: 
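# mod_perl access handler: decides whether the requesting host may fetch
# the file that the request maps to.
#
# Argument:
#   $r - the Apache request object
#
# Returns:
#   FORBIDDEN  if the remote host is not 127.0.0.1 and
#              Apache::lonnet::get_hosts_from_ip() knows no host id for it
#              (checked first, so such hosts get the same answer whether or
#              not the file exists and cannot use the handler to probe for
#              file names)
#   NOT_FOUND  if the mapped file does not exist
#   OK         for 127.0.0.1, for any *.meta file, for any URI starting
#              with /raw/uploaded, or when one of the host ids has a
#              "<filename>.<id>" file or a matching subscription line
#   FORBIDDEN  otherwise, with the rejected host ids written to the log
#
# The decision rests on the remote host string alone; nothing else in the
# request is inspected.
sub handler {
    my $r = shift;

    my $filename = $r->filename;
    my $reqhost  = $r->get_remote_host(REMOTE_NOLOOKUP);
    my @hostids  = &Apache::lonnet::get_hosts_from_ip($reqhost);

    # NOTE(review): only the literal IPv4 loopback string is recognised,
    # and it is trusted for every existing file.  If anything on this
    # machine relays outside traffic to /raw, those requests would arrive
    # as 127.0.0.1 - confirm the deployment rules that out.
    my $is_local = ($reqhost eq '127.0.0.1');

    # Reject unknown hosts before touching the filesystem.
    if (!@hostids && !$is_local) {
        $r->log_reason("Unable to find a host for ".$reqhost);
        return FORBIDDEN;
    }

    if (!-e $filename) {
        return NOT_FOUND;
    }

    if ($is_local) {
        return OK;
    }

    # These two tests do not depend on the host id, so they run once.
    # Any known host passes them without a subscription check.
    # NOTE(review): the URI test is a bare prefix match, so a path such as
    # /raw/uploadedX would also pass - confirm that is acceptable.
    my $uri = $r->uri;
    if (($filename=~/\.meta$/) || ($uri=~m|^/raw/uploaded|)) {
        return OK;
    }

    # One remote address can map to several host ids; any one of them
    # having access is sufficient.
    my @ids;
    foreach my $id (@hostids) {
        if ((-e "$filename.$id") || &subscribed($filename,$id)) {
            return OK;
        }
        push(@ids,$id);
    }

    if (@ids) {
        $r->log_reason(join(':',@ids)." not subscribed", $r->filename);
        return FORBIDDEN;
    }

    # Not reachable while @hostids is non-empty here; kept so that any
    # future change to the logic above still ends in a denial.
    $r->log_reason("Invalid request for file transfer from $reqhost",
                   $r->filename);
    return FORBIDDEN;
}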
                    147: 
                    148: 1;
                    149: __END__
                    150: 
1.4       harris41  151: 
1.1       albertel  152: 
                    153: 
                    154: 
                    155: 
                    156: 
                    157: 
                    158: 
