Annotation of loncom/auth/lonshibacc.pm, revision 1.1

1.1     ! raeburn     1: # The LearningOnline Network
        !             2: # Authorization handler for Shibboleth authenticated users
        !             3: #
        !             4: # $Id: lonshibacc.pm $
        !             5: #
        !             6: # Copyright Michigan State University Board of Trustees
        !             7: #
        !             8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
        !             9: #
        !            10: # LON-CAPA is free software; you can redistribute it and/or modify
        !            11: # it under the terms of the GNU General Public License as published by
        !            12: # the Free Software Foundation; either version 2 of the License, or
        !            13: # (at your option) any later version.
        !            14: #
        !            15: # LON-CAPA is distributed in the hope that it will be useful,
        !            16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
        !            17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
        !            18: # GNU General Public License for more details.
        !            19: #
        !            20: # You should have received a copy of the GNU General Public License
        !            21: # along with LON-CAPA; if not, write to the Free Software
        !            22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
        !            23: #
        !            24: # /home/httpd/html/adm/gpl.txt
        !            25: #
        !            26: # http://www.lon-capa.org/
        !            27: #
        !            28: 
        !            29: =head1 NAME
        !            30: 
        !            31: Apache::lonshibacc - Authorization handler if Shibboleth-authenticated
        !            32: 
        !            33: =head1 SYNOPSIS
        !            34: 
        !            35: Invoked for /adm/sso by
        !            36: /etc/httpd/conf/loncapa_apache.conf:
        !            37: 
        !            38: PerlAuthzHandler       Apache::lonshibacc
        !            39: 
        !            40: =head1 INTRODUCTION
        !            41: 
        !            42: Authorization handler used to remove the trailing @internet domain
        !            43: from a Shibboleth-authenticated username (e.g., @mit.edu).
        !            44: 
        !            45: After changing $r->user, the handler returns DECLINED so that
        !            46: lonacc.pm can be invoked as the next authorization handler.
        !            47: 
        !            48: PerlAuthzHandler       Apache::lonacc
        !            49: 
        !            50: =head1 HANDLER SUBROUTINE
        !            51: 
        !            52: This routine is called by Apache and mod_perl.
        !            53: 
        !            54: =cut
        !            55: 
        !            56: package Apache::lonshibacc;
        !            57: 
        !            58: use strict;
        !            59: use lib '/home/httpd/lib/perl/';
        !            60: use Apache::lonnet;
        !            61: use Apache::Constants qw(:common);
        !            62: use LONCAPA qw(:DEFAULT);
        !            63: 
        !            64: sub handler {
        !            65:     my $r = shift;
        !            66:     my $user = $r->user;
        !            67:     if ($user ne '') {
        !            68:         my $udom = $r->dir_config('lonSSOUserDomain');
        !            69:         if ($udom eq '') {
        !            70:             $udom = $r->dir_config('lonDefDomain');
        !            71:         }
        !            72:         if ($udom ne '') {
        !            73:             my $uprimary_id = &Apache::lonnet::domain($udom,'primary');
        !            74:             my $uint_dom = &Apache::lonnet::internet_dom($uprimary_id);
        !            75:             if ($user =~ /^(\w+)\@\Q$uint_dom\E$/i) {
        !            76:                 my $username = $1;
        !            77:                 $user = $r->user($username);
        !            78:             }
        !            79:         }
        !            80:     }
        !            81:     return DECLINED;
        !            82: }
        !            83: 
        !            84: 1;
        !            85: __END__
