--- loncom/auth/switchserver.pm	2013/09/29 00:49:24	1.32
+++ loncom/auth/switchserver.pm	2016/12/16 15:31:11	1.35
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Switch Servers Handler
 #
-# $Id: switchserver.pm,v 1.32 2013/09/29 00:49:24 raeburn Exp $
+# $Id: switchserver.pm,v 1.35 2016/12/16 15:31:11 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -96,21 +96,28 @@ sub handler {
 
     if (!defined($switch_to)) { return FORBIDDEN; }
 
+    my $protocol = 'http';
+    if ($env{'form.otherserver'}) {
+        if ($Apache::lonnet::protocol{$env{'form.otherserver'}} eq 'https') {
+            $protocol = $Apache::lonnet::protocol{$env{'form.otherserver'}};
+        }
+    } 
+
     if ($env{'user.name'} eq 'public'
 	&& $env{'user.domain'} eq 'public') {
-	my $url = 'http://'.$switch_to.$r->uri;
+	my $url = $protocol.'://'.$switch_to.$r->uri;
 	return &do_redirect($r,$url,1)
     }
 
     my $skip_canhost_check = '';
     if ($env{'form.role'}) {
         if (!exists($env{'user.role.'.$env{'form.role'}})) {
-            return FORBIDDEN;
+            delete($env{'form.role'});
         } else {
             my $now = time;
             my ($start,$end) = split(/\./,$env{'user.role.'.$env{'form.role'}});
             if (($start && $start > $now) || ($end && $end < $now)) {
-                return FORBIDDEN;
+                delete($env{'form.role'});
             } elsif ($env{'form.role'} eq 'au./'.$env{'user.domain'}.'/') {
                 if (&Apache::lonnet::homeserver($env{'user.name'},$env{'user.domain'}) eq $env{'form.otherserver'}) {
                     $skip_canhost_check = 1;
@@ -153,9 +160,15 @@ sub handler {
     my %temp=('switchserver' => time.':'.$env{'form.otherserver'},
 	      $env{'form.role'});
     &Apache::lonnet::put('email_status',\%temp);
+    my $logmsg = "Switch Server to $env{'form.otherserver'}";
+    if ($env{'form.role'}) {
+        $logmsg .= " with role: $env{'form.role'}";
+    } else {
+        $logmsg .= " (no role)";
+    }
+    $logmsg .= ' '.$ENV{'REMOTE_ADDR'};
     &Apache::lonnet::log($env{'user.domain'},$env{'user.name'},
-			 $env{'user.home'},
-			 "Switch Server to $env{'form.otherserver'} with role $env{'form.role'} $ENV{'REMOTE_ADDR'}");
+			 $env{'user.home'},$logmsg);
 
     &Apache::loncommon::content_type($r,'text/html');
 
@@ -193,7 +206,7 @@ sub handler {
         $info{'sso.reloginserver'} = $env{'request.sso.reloginserver'};
     }
     my $token = &Apache::lonnet::tmpput(\%info,$env{'form.otherserver'});
-    my $url ='http://'.$switch_to.'/adm/login?'.
+    my $url =$protocol.'://'.$switch_to.'/adm/login?'.
 	'domain='.$env{'user.domain'}.
 	'&amp;username='.$env{'user.name'}.
 	'&amp;token='.$token;