--- loncom/auth/lonwebdavauth.pm 2015/05/29 18:42:01 1.3 +++ loncom/auth/lonwebdavauth.pm 2015/05/29 20:00:49 1.4 @@ -1,7 +1,7 @@ # The LearningOnline Network # Authentication Handler for webDAV access to Authoring Space. # -# $Id: lonwebdavauth.pm,v 1.3 2015/05/29 18:42:01 raeburn Exp $ +# $Id: lonwebdavauth.pm,v 1.4 2015/05/29 20:00:49 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -57,11 +57,10 @@ The perlvar "lonDAVsessDir" in /etc/http provides the directory location: /home/httpd/webdav/sessionIDs. If the session is stale, or the cookie is missing or invalid, -the user is re-challenged for login information. If the perlvar -lonOtherAuthen has been set, Single Sign On will be used, otherwise -an Apache Basic Auth request will be sent to the client. +the user is re-challenged for login information, by sending +an Apache Basic Auth request to the client. -If Apache Basic Auth is used, successful authentication will +If Apache Basic Auth is successful authentication will result in creation of a webDAV session file containing a minimal set of information about the user which will also be loaded into the user's environment. The environment persists @@ -87,13 +86,8 @@ Check for valid webDAV session =item * -No session? - if SSO enabled: return DECLINED - -=item * - -No session? - if SSO not enabled: return AUTH_REQUIRED -which will prompt webDAV client to authenticate user -(via Apache Basic Auth). +No session? return AUTH_REQUIRED which will prompt +webDAV client to authenticate user (via Apache Basic Auth). =item * @@ -179,13 +173,6 @@ sub handler { } } - if ($r->dir_config('lonOtherAuthen') eq 'yes') { - if (defined($r->dir_config('lonOtherAuthenType'))) { - $r->auth_type($r->dir_config('lonOtherAuthenType')); - } - return DECLINED; - } - my ($status,$upass) = $r->get_basic_auth_pw; return $status unless ($status == 0 || $status == OK); @@ -198,7 +185,7 @@ sub handler { } else { $uname = $r->user; ($udom) = ($r->uri =~ m{^/webdav/($match_domain)/}); - unless (($udom ne '' ) && ($uname =~ /^$match_username$/)) { + unless (($udom ne '' ) && ($uname =~ /^$match_username$/) && ($upass ne '')) { $r->note_basic_auth_failure; return AUTH_REQUIRED; }