Return to checkauthen.pm CVS log

Up to [LON-CAPA] / loncom / auth

- Support Apache 2.4
  - PerlAuthenHandler needs to set $r->user() for requests for <Location>
    directives which include Require valid-user
  - reverse changes in publiccheck.pm rev. 1.20 and 1.21
  - modify changes in lonacc.pm rev. 1.143 and 1.147
  - reverse changes in lonnet.pm rev. 1.1212 and 1.1213, and modify changes
    in rev. 1.1244 (no longer treating 2.4 as a special case).
- Apache access logs will now include username (or username:domain if user's
  domain is not server's default domain) for URLs requiring "valid-user",
- Apache access logs will now include 'public' as requester for image
  files from /res/adm/pages and also domain logos etc.

# The LearningOnline Network
# checks for a cokkie to authenticate a user
#
# $Id: checkauthen.pm,v 1.14 2013/12/13 02:10:27 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#
###

package Apache::checkauthen;

use strict;
use Apache::Constants qw(:common);
use Apache::lonnet;

sub handler {
    my ($r) = @_;

    if ($r->uri() =~ m{^/res/adm/pages/[^/]+\.(gif|png)$}) {
        if ($r->user() eq '') {
            $r->user('public');
        }
        return OK;
    }

    if (&Apache::lonnet::is_domainimage($r->uri)) {
        if ($r->user() eq '') {
            $r->user('public');
        }
        return OK;
    }

    if ($r->auth_type() ne 'LONCAPA') {
	return DECLINED;
    }
    my $fail = FORBIDDEN; 
    if ($r->dir_config('lonOtherAuthen') eq 'yes') {
	if (defined($r->dir_config('lonOtherAuthenType'))) {
            $r->auth_type($r->dir_config('lonOtherAuthenType'));
        }
	#&Apache::lonnet::logthis("other authen");
	$fail = DECLINED;
    }

    if ($env{'user.name'} eq 'public' 
	&& $env{'user.domain'} eq 'public') {
	if ($env{'request.publicaccess'} ) {
            if ($r->user() eq '') {
                $r->user('public');
            }
	    return OK;
	} else {
	    return $fail;
	}
    }

    my %user;
    my $handle = &Apache::lonnet::check_for_valid_session($r,undef,\%user);
    if ($handle eq '') {
        $handle = $env{'user.environment'};
        if (($handle ne '') && ($r->user() eq '')) {
            if ($env{'user.domain'} eq $r->dir_config('lonDefDomain')) {
                $r->user($env{'user.name'});
            } else {
                $r->user($env{'user.name'}.':'.$env{'user.domain'});
            }
        }
    }

    if ($handle ne '') {
        if ($r->user() eq '') {
            if ($user{'domain'} eq $r->dir_config('lonDefDomain')) {
                $r->user($user{'name'});
            } else {
                $r->user($user{'name'}.':'.$user{'domain'});
            }
        }
        return OK;
    }
    if (($fail == FORBIDDEN) && ($r->uri eq '/adm/email')) {
        $env{'form.firsturl'} = $r->uri;
    }
    return $fail;
}

1;