--- loncom/auth/lonacc.pm 2013/12/13 02:10:27 1.149 +++ loncom/auth/lonacc.pm 2014/05/05 23:17:12 1.155 @@ -1,7 +1,7 @@ # The LearningOnline Network # Cookie Based Access Handler # -# $Id: lonacc.pm,v 1.149 2013/12/13 02:10:27 raeburn Exp $ +# $Id: lonacc.pm,v 1.155 2014/05/05 23:17:12 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -160,6 +160,8 @@ sub get_posted_cgi { if (length($value) == 1) { $value=~s/[\r\n]$//; } + } elsif ($fname =~ /\.(xls|doc|ppt)x$/i) { + $value=~s/[\r\n]$//; } if (ref($fields) eq 'ARRAY') { next if (!grep(/^\Q$name\E$/,@{$fields})); @@ -264,10 +266,13 @@ sub upload_size_allowed { =item sso_login() handle the case of the single sign on user, at this point $r->user - will be set and valid now need to find the loncapa user info, and possibly + will be set and valid; now need to find the loncapa user info, and possibly balance them. If $r->user() is set this means either it was either set by - SSO or by checkauthen.pm if a valid cookie was found. The latter case can - be identified by the third arg ($usename). + SSO or by checkauthen.pm, if a valid cookie was found. The latter case can + be identified by the third arg ($usename), except when lonacc is called in + an internal redirect to /adm/switchserver (e.g., load-balancing following + successful authentication) -- no cookie set yet. For that particular case + simply skip the call to sso_login(). returns OK if it was SSO and user was handled. returns undef if not SSO or no means to handle the user. @@ -361,6 +366,11 @@ sub sso_login { $info{$item} = $form{$item}; } } + unless ($info{'symb'}) { + unless (($r->uri eq '/adm/roles') || ($r->uri eq '/adm/sso')) { + $info{'origurl'} = $r->uri; + } + } if ($r->dir_config("ssodirecturl") == 1) { $info{'origurl'} = $r->uri; } @@ -376,10 +386,8 @@ sub sso_login { $r->set_handlers('PerlHandler'=> undef); } return OK; - } elsif (defined($r->dir_config('lonSSOUserUnknownRedirect'))) { + } else { &Apache::lonnet::logthis(" SSO authorized unknown user $user "); - $r->subprocess_env->set('SSOUserUnknown' => $user); - $r->subprocess_env->set('SSOUserDomain' => $domain); my @cancreate; my %domconfig = &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); @@ -393,13 +401,18 @@ sub sso_login { } } } - if (grep(/^sso$/,@cancreate)) { - $r->internal_redirect('/adm/createaccount'); - } else { - $r->internal_redirect($r->dir_config('lonSSOUserUnknownRedirect')); + if ((grep(/^sso$/,@cancreate)) || (defined($r->dir_config('lonSSOUserUnknownRedirect')))) { + $r->subprocess_env->set('SSOUserUnknown' => $user); + $r->subprocess_env->set('SSOUserDomain' => $domain); + if (grep(/^sso$/,@cancreate)) { + $r->set_handlers('PerlHandler'=> [\&Apache::createaccount::handler]); + $r->handler('perl-script'); + } else { + $r->internal_redirect($r->dir_config('lonSSOUserUnknownRedirect')); + $r->set_handlers('PerlHandler'=> undef); + } + return OK; } - $r->set_handlers('PerlHandler'=> undef); - return OK; } return undef; } @@ -419,9 +432,11 @@ sub handler { my %user; my $handle = &Apache::lonnet::check_for_valid_session($r,undef,\%user); - my $result = &sso_login($r,$handle,$user{'name'}); - if (defined($result)) { - return $result; + unless (($requrl eq '/adm/switchserver') && (!$r->is_initial_req())) { + my $result = &sso_login($r,$handle,$user{'name'}); + if (defined($result)) { + return $result; + } } my ($is_balancer,$otherserver); @@ -520,6 +535,10 @@ sub handler { if ($otherserver ne '') { $env{'form.otherserver'} = $otherserver; } + unless (($env{'form.origurl'}) || ($r->uri eq '/adm/roles') || + ($r->uri eq '/adm/switchserver') || ($r->uri eq '/adm/sso')) { + $env{'form.origurl'} = $r->uri; + } } # ---------------------------------------------------------------- Check access