--- loncom/auth/lontokacc.pm	2002/07/27 18:48:19	1.1
+++ loncom/auth/lontokacc.pm	2002/08/01 22:36:11	1.4
@@ -1,8 +1,7 @@
 # The LearningOnline Network
-# Low security Access Handler for Token-based access 
-# (clearance given by other loncapa host)
+# Access Handler for User File Transfers
 #
-# $Id: lontokacc.pm,v 1.1 2002/07/27 18:48:19 www Exp $
+# $Id: lontokacc.pm,v 1.4 2002/08/01 22:36:11 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -32,21 +31,31 @@ package Apache::lontokacc;
 use strict;
 use Apache::Constants qw(:common :remotehost);
 use Apache::lonnet();
-use Apache::loncommon();
+use Apache::File();
 
 sub handler {
     my $r = shift;
-    &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
-    ['token','server']);
-    if (($ENV{'form.token'}) || ($ENV{'form.server'})) {
-        my $tmpinfo=Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
-                                                    $ENV{'form.server'});
-
-        if ($tmpinfo eq $r->uri) {
-	   return OK;
-        }
+    my $reqhost;
+    unless ($reqhost=$r->get_remote_host(REMOTE_DOUBLE_REV)) {
+       $r->log_reason("Spoof request");
+       return FORBIDDEN;
     }
-    $r->log_reason("Invalid token-based access",$r->filename); 
+    my $readline;
+    my $lontabdir=$r->dir_config('lonTabDir');
+    {
+       my $fh;
+       unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) {
+          $r->log_reason("Could not find host tab file");
+          return FORBIDDEN;
+       }
+       while ($readline=<$fh>) {
+          my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
+          if ($name =~ /$reqhost/i) { return OK; }
+       }
+
+    }
+    $r->log_reason("Invalid request for user file transfer from $reqhost", 
+                   $r->filename); 
     return FORBIDDEN;
 }
 
@@ -54,3 +63,8 @@ sub handler {
 __END__
 
 
+
+
+
+
+