--- loncom/lond	2004/02/18 10:43:02	1.178.2.1
+++ loncom/lond	2004/02/23 10:25:52	1.178.2.2
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.178.2.1 2004/02/18 10:43:02 foxr Exp $
+# $Id: lond,v 1.178.2.2 2004/02/23 10:25:52 foxr Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -48,12 +48,12 @@ use localauth;
 use File::Copy;
 use LONCAPA::ConfigFileEdit;
 
-my $DEBUG = 0;		       # Non zero to enable debug log entries.
+my $DEBUG = 1;		       # Non zero to enable debug log entries.
 
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.178.2.1 $'; #' stupid emacs
+my $VERSION='$Revision: 1.178.2.2 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid;
 my $currentdomainid;
@@ -626,6 +626,7 @@ sub AuthenticateHandler {
    #  upass   - User's password.
    
    my ($udom,$uname,$upass)=split(/:/,$tail);
+   Debug(" Authenticate domain = $udom, user = $uname, password = $upass");
    chomp($upass);
    $upass=unescape($upass);
    my $proname=propath($udom,$uname);
@@ -634,6 +635,8 @@ sub AuthenticateHandler {
    #   The user's 'personal' loncapa passworrd file describes how to authenticate:
    
    if (-e $passfilename) {
+     Debug("Located password file: $passfilename");
+
       my $pf = IO::File->new($passfilename);
       my $realpasswd=<$pf>;
       chomp($realpasswd);
@@ -642,6 +645,7 @@ sub AuthenticateHandler {
       #
       #   Authenticate against password stored in the internal file.
       #
+     Debug("Authenticating via $howpwd");
       if ($howpwd eq 'internal') {
          &Debug("Internal auth");
          $pwdcorrect= (crypt($upass,$contentpwd) eq $contentpwd);
@@ -2453,7 +2457,9 @@ sub ProcessRequest {
    # Split off the request keyword from the rest of the stuff.
    
    my ($command, $tail) = split(/:/, $userinput, 2);
-   
+
+   Debug("Command received: $command, encoded = $wasenc");
+
    
 # ------------------------------------------------------------- Normal commands
 
@@ -2466,24 +2472,33 @@ sub ProcessRequest {
       my $Handler      = $$DispatchInfo[0];
       my $NeedEncode   = $$DispatchInfo[1];
       my $ClientTypes  = $$DispatchInfo[2];
+      Debug("Matched dispatch hash: mustencode: $NeedEncode ClientType $ClientTypes");
       
       #  Validate the request:
       
       my $ok = 1;
-      if($NeedEncode && (!$wasenc)) {
-         Reply($client, "refused\n", $userinput);
-         $ok = 0;
+      my $requesterprivs = 0;
+      if(isClient()) {
+	$requesterprivs |= $CLIENT_OK;
       }
-      if(isClient && (($ClientTypes & $CLIENT_OK) == 0)) {
-         Reply($client, "refused\n", $userinput);
-         $ok = 0;
+      if(isManager()) {
+	$requesterprivs |= $MANAGER_OK;
       }
-      if(isManager && (($ClientTypes & $MANAGER_OK) == 0)) {
-         Reply($client, "refused\n", $userinput);
+      if($NeedEncode && (!$wasenc)) {
+	Debug("Must encode but wasn't: $NeedEncode $wasenc");
          $ok = 0;
       }
+      if(($ClientTypes & $requesterprivs) == 0) {
+	Debug("Client not privileged to do this operation");
+	$ok = 0;
+      }
+
       if($ok) {
+	Debug("Dispatching to handler $command $tail");
          $KeepGoing = &$Handler($command, $tail, $client);
+      } else {
+	Debug("Refusing to dispatch because ok is false");
+	Failure($client, "refused", $userinput);
       }