--- loncom/loncapa_apache.conf	2020/09/11 19:37:39	1.272
+++ loncom/loncapa_apache.conf	2023/08/28 18:58:45	1.282
@@ -2,7 +2,7 @@
 ## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file
 ##
 
-# $Id: loncapa_apache.conf,v 1.272 2020/09/11 19:37:39 raeburn Exp $
+# $Id: loncapa_apache.conf,v 1.282 2023/08/28 18:58:45 raeburn Exp $
 
 #
 # LON-CAPA Section (extensions to httpd.conf daemon configuration)
@@ -150,7 +150,7 @@ ErrorDocument     406 /adm/roles
 ErrorDocument	  500 /adm/errorhandler
 </LocationMatch>
 
-<LocationMatch "^/+uploaded/.+/.+/(portfolio|feedback|docs|groups)/.+">
+<LocationMatch "^/+uploaded/.+/.+/(portfolio|feedback|docs|groups|supplemental)/.+">
    Options +FollowSymLinks -Includes
 </LocationMatch>
 
@@ -280,6 +280,7 @@ AuthType LONCAPA
 Require valid-user
 PerlAuthzHandler        Apache::lonacc
 SetHandler              perl-script
+PerlHandler             Apache::lonslotcheck
 PerlHandler             Apache::londatecheck
 PerlHandler             Apache::lonipcheck
 PerlHandler             Apache::lonexttool
@@ -508,7 +509,7 @@ Require valid-user
 PerlAuthzHandler       Apache::lonacc
 ErrorDocument     403 /adm/login
 ErrorDocument     404 /adm/notfound.html
-ErrorDocument     406 /adm/unauthorized
+ErrorDocument     406 /adm/roles
 ErrorDocument     500 /adm/errorhandler
 </LocationMatch>
 
@@ -517,7 +518,7 @@ SetHandler perl-script
 PerlHandler Apache::daxepage
 </LocationMatch>
 
-<LocationMatch "^/daxepage/uploaded/[^/]+/[^/]+/.*html?$">
+<LocationMatch "^/daxepage/uploaded/[^/]+/[^/]+/(docs|supplemental)/.*html?$">
 SetHandler perl-script
 PerlHandler Apache::daxepage
 </LocationMatch>
@@ -532,12 +533,12 @@ SetHandler perl-script
 PerlHandler Apache::daxeopen
 </LocationMatch>
 
-<LocationMatch "^/daxeopen/(res|priv)/(.+/)?$">
+<LocationMatch "^/daxeopen/(res|priv|uploaded)/(.+/)?$">
 SetHandler perl-script
 PerlHandler Apache::daxeopen
 </LocationMatch>
 
-<LocationMatch "^/daxeopen/uploaded/[^/]+/[^/]+/.*html?$">
+<LocationMatch "^/daxeopen/uploaded/[^/]+/[^/]+/(docs|supplemental)/.*html?$">
 SetHandler perl-script
 PerlHandler Apache::daxeopen
 </LocationMatch>
@@ -549,6 +550,13 @@ PerlHandler Apache::daxeopen
 </IfModule>
 </LocationMatch>
 
+<LocationMatch "(?i)^/daxeopen/uploaded/.+\.(?!html$|htm$|xhtml$|xhtm$)[^.]*$">
+<IfModule mod_rewrite.c>
+  RewriteEngine on
+  RewriteRule /daxeopen/(.*) /$1
+</IfModule>
+</LocationMatch>
+
 <LocationMatch "(?i)^/daxeopen/(res/.*\.(jpg|jpeg|gif|png|svg))$">
 <IfModule mod_rewrite.c>
   RewriteEngine on
@@ -765,11 +773,43 @@ ErrorDocument     406 /adm/roles
 ErrorDocument     500 /adm/errorhandler
 </Location>
 
+<Location /adm/courseauthor>
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler       Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::loncourseauthor
+ErrorDocument     403 /adm/login
+ErrorDocument     406 /adm/roles
+ErrorDocument     500 /adm/errorhandler
+</Location>
+
+<Location /adm/courseuser>
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler       Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::loncourseuser
+ErrorDocument     403 /adm/login
+ErrorDocument     406 /adm/roles
+ErrorDocument     500 /adm/errorhandler
+</Location>
+
 <Location /adm/login>
 SetHandler perl-script
 PerlHandler Apache::lonlogin
 </Location>
 
+<LocationMatch "^/+adm/launch/tiny/[\w.-]+/\w+">
+SetHandler perl-script
+PerlHandler Apache::ltiauth
+</LocationMatch>
+
+<Location /adm/relaunch>
+SetHandler perl-script
+PerlHandler Apache::lonrelaunch
+</Location>
+
 <LocationMatch "^/+adm/lti($|/)">
 SetHandler perl-script
 PerlHandler Apache::ltiauth
@@ -853,6 +893,7 @@ PerlHandler Apache::migrateuser
 </Location>
 
 <Location /adm/sso>
+  Header set Cache-Control "private,no-store,no-cache,max-age=0"
   <IfModule mod_shib>
     AuthType shibboleth
     ShibUseEnvironment On
@@ -861,12 +902,25 @@ PerlHandler Apache::migrateuser
     require valid-user
     PerlAuthzHandler       Apache::lonshibacc
     PerlAuthzHandler       Apache::lonacc
+    ErrorDocument     403 /adm/login
+    ErrorDocument     500 /adm/errorhandler
   </IfModule>
   <IfModule !mod_shib>
     PerlTypeHandler        Apache::lonnoshib
   </IfModule>
 </Location>
 
+<Location /adm/linkexit>
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler       Apache::lonacc
+SetHandler perl-script
+PerlHandler Apache::lonlinkexit
+ErrorDocument     403 /adm/login
+ErrorDocument     409 /adm/preferences?action=lockwarning
+ErrorDocument     500 /adm/errorhandler
+</Location>
+
 <Location /adm/annotations>
 AuthType LONCAPA
 Require valid-user
@@ -1742,10 +1796,6 @@ AllowOverride None
    DirectoryIndex disabled
 </DirectoryMatch>
 
-<DirectoryMatch "^/home/httpd/lonUsers/*">
-   Options +FollowSymLinks -Includes
-</DirectoryMatch>
-
 # ============================================================= Access Handlers
 
 # ------------------------------------------------- Allow server-status reports