--- loncom/auth/lonacc.pm	2007/01/31 16:48:54	1.107
+++ loncom/auth/lonacc.pm	2007/04/26 18:31:53	1.109
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.107 2007/01/31 16:48:54 albertel Exp $
+# $Id: lonacc.pm,v 1.109 2007/04/26 18:31:53 banghart Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -207,6 +207,9 @@ sub sso_login {
 sub handler {
     my $r = shift;
     my $requrl=$r->uri;
+    if (&Apache::lonnet::is_domainimage($requrl)) {
+        return OK;
+    }
     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
     my $lonid=$cookies{'lonID'};
     my $cookie;
@@ -284,6 +287,14 @@ sub handler {
 		$env{'user.domain'};
 	    if ($requrl !~ /^\Q$start\E/) {
 		$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+		return HTTP_NOT_ACCEPTABLE;
+	    }
+	}
+	if ($requrl =~ m|^/zipspool/|) {
+	    my $start='/zipspool/zipout/'.$env{'user.name'}.
+		$env{'user.domain'};
+	    if ($requrl !~ /^\Q$start\E/) {
+		$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
 		return HTTP_NOT_ACCEPTABLE;
 	    }
 	}