Annotation of loncom/auth/lonracc.pm, revision 1.24

1.1       albertel    1: # The LearningOnline Network
                      2: # Access Handler for File Transfers
1.3       www         3: #
1.24    ! raeburn     4: # $Id: lonracc.pm,v 1.23 2008/11/12 20:01:09 jms Exp $
1.3       www         5: #
                      6: # Copyright Michigan State University Board of Trustees
                      7: #
                      8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                      9: #
                     10: # LON-CAPA is free software; you can redistribute it and/or modify
                     11: # it under the terms of the GNU General Public License as published by
                     12: # the Free Software Foundation; either version 2 of the License, or
                     13: # (at your option) any later version.
                     14: #
                     15: # LON-CAPA is distributed in the hope that it will be useful,
                     16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     18: # GNU General Public License for more details.
                     19: #
                     20: # You should have received a copy of the GNU General Public License
                     21: # along with LON-CAPA; if not, write to the Free Software
                     22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     23: #
                     24: # /home/httpd/html/adm/gpl.txt
                     25: #
                     26: # http://www.lon-capa.org/
                     27: #
1.1       albertel   28: 
1.23      jms        29: =pod
                     30: 
                     31: =head1 NAME
                     32: 
                     33: Apache::lonracc - Access Handler for File Transfers
                     34: 
                     35: =head1 SYNOPSIS
                     36: 
                     37: Invoked by /etc/httpd/conf/loncapa.conf:
                     38: 
                     39:  <LocationMatch "^/raw.*">
                     40:  PerlAccessHandler Apache::lonracc
                     41:  </LocationMatch>
                     42: 
                     43: =head1 INTRODUCTION
                     44: 
                     45: This module enables authentication for file transfers and works
                     46: against the /res tree.
                     47: 
                     48: Only lond invokes the /raw namespace through its subscribe function.
                     49: 
                     50: This is part of the LearningOnline Network with CAPA project
                     51: described at http://www.lon-capa.org.
                     52: 
                     53: =head1 HANDLER SUBROUTINE
                     54: 
                     55: This routine is called by Apache and mod_perl.
                     56: 
                     57: =over 4
                     58: 
                     59: =item *
                     60: 
                     61: Determine requesting host
                     62: 
                     63: =item *
                     64: 
                     65: See whether or not the requesting host is subscribed.
                     66: 
                     67: =item *
                     68: 
                     69: Respond with the status of the request, and make a log entry when
                     70: access is denied.
                     71: 
                     72: =back
                     73: 
                     74: =cut
                     75: 
1.1       albertel   76: package Apache::lonracc;
                     77: 
                     78: use strict;
                     79: use Apache::Constants qw(:common :remotehost);
1.17      albertel   80: use Apache::lonnet;
1.1       albertel   81: use Apache::File();
1.14      albertel   82: use IO::Socket;
1.1       albertel   83: 
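# Decide whether host $id holds a subscription to $filename.
#
# Arguments:
#   $filename - path of the resource; the subscription list is read from
#               "$filename.subscription"
#   $id       - host id, handed to Apache::lonnet::hostname()
#
# Returns 1 when a line of the subscription file starts with
# "<id>:<ip>:", where <ip> is the dotted-quad form of the first address
# gethostbyname() returns for that host's name; returns 0 otherwise.
# Every failure (no subscription file, no hostname, no 4-byte address,
# file cannot be opened) yields 0, so the caller denies by default.
sub subscribed {
    my ($filename,$id) = @_;

    my $subfile = "$filename.subscription";
    return 0 if (!-e $subfile);

    my $hostname = &Apache::lonnet::hostname($id);
    # Fail closed on an id that has no hostname rather than handing an
    # undefined or empty name to the resolver.
    return 0 if (!defined($hostname) || $hostname eq '');

    # Only the first address of the lookup is compared; a host with
    # several addresses matches on that one alone.
    my (undef,undef,undef,undef,$packed) = gethostbyname($hostname);
    return 0 if (!defined($packed) || length($packed) != 4);

    my $ip = inet_ntoa($packed);

    # quotemeta() keeps the dots of the address, and any metacharacter
    # in the id, literal inside the pattern.
    my $prefix = quotemeta($id).':'.quotemeta($ip).':';
    my $expr = qr/^$prefix/;

    # Three-argument open in read mode: nothing in the path can be taken
    # for a mode character or a pipe.
    open(my $sh, '<', $subfile) or return 0;

    my $found = 0;
    while (my $subline = <$sh>) {
        if ($subline =~ $expr) {
            $found = 1;
            last;               # one matching line is enough
        }
    }
    close($sh);
    return $found;
}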
                    105: 
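# Apache access handler for the /raw location (see the POD SYNOPSIS).
#
# Argument: $r - the Apache request object.
# Returns NOT_FOUND when the mapped file does not exist, OK when the
# request is allowed, FORBIDDEN otherwise.
#
# Decision order once the file is known to exist:
#   1. requestor address is 127.0.0.1                   -> OK
#   2. requestor address maps to no host id             -> FORBIDDEN (logged)
#   3. file name ends in .meta, or the URI starts with
#      /raw/uploaded                                    -> OK
#   4. "$filename.$id" exists, or subscribed() is true,
#      for any of the host ids                          -> OK
#   5. anything else                                    -> FORBIDDEN (logged)
sub handler {
    my $r = shift;

    # NOTE(review): this check runs before the host check, so a requestor
    # that is about to be refused still sees NOT_FOUND for a missing file
    # and FORBIDDEN for an existing one. Confirm that difference is
    # acceptable for hosts outside the cluster.
    my $filename=$r->filename;
    if (!-e $filename) {
        return NOT_FOUND;
    }

    my $reqhost = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP,1);
    my @hostids= &Apache::lonnet::get_hosts_from_ip($reqhost);

    # NOTE(review): 127.0.0.1 skips every later check. That holds only if
    # get_requestor_ip() cannot report this address for a remote client;
    # confirm what its third argument (1) selects.
    if ($reqhost eq '127.0.0.1') {
        return OK;
    }

    if (!@hostids) {
        # Record the address the decision was made on. When it equals the
        # connection peer the message is unchanged; when the two differ,
        # both are logged so the denial can be traced.
        my $peer = $r->get_remote_host(REMOTE_NOLOOKUP);
        my $subject = $peer;
        if (defined($reqhost) && $reqhost ne '' && $reqhost ne $peer) {
            $subject = "$reqhost (connection peer $peer)";
        }
        $r->log_reason("Unable to find a host for ".$subject);
        return FORBIDDEN;
    }

    # From here on @hostids is non-empty. The next two tests do not depend
    # on the host id, so they are made once: any host that maps to an id
    # may fetch .meta files and everything under the uploaded prefix
    # without a subscription.
    # NOTE(review): the prefix has no trailing slash, so a sibling path
    # such as /raw/uploadedX (constructed example) matches too; confirm
    # that is intended.
    my $uri = $r->uri;
    if (($filename=~/\.meta$/) || ($uri=~m|^/raw/uploaded|)) {
        return OK;
    }

    foreach my $id (@hostids) {
        # Either a per-host marker file next to the resource or a line in
        # its .subscription file allows the transfer.
        if ((-e "$filename.$id") || &subscribed($filename,$id)) {
            return OK;
        }
    }

    # Reached only when every host id failed both tests. The former
    # "Invalid request for file transfer" fallback could never run,
    # because the list is non-empty at this point.
    $r->log_reason(join(':',@hostids)." not subscribed", $r->filename);
    return FORBIDDEN;
}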
                    147: 
                    148: 1;
                    149: __END__
                    150: 
1.4       harris41  151: 
1.1       albertel  152: 
                    153: 
                    154: 
                    155: 
                    156: 
                    157: 
                    158: 
