--- loncom/auth/lonacc.pm	2016/08/05 20:27:18	1.159.2.2
+++ loncom/auth/lonacc.pm	2014/12/01 22:52:54	1.160
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.159.2.2 2016/08/05 20:27:18 raeburn Exp $
+# $Id: lonacc.pm,v 1.160 2014/12/01 22:52:54 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -109,6 +109,7 @@ sub cleanup {
     my ($r)=@_;
     if (! $r->is_initial_req()) { return DECLINED; }
     &Apache::lonnet::save_cache();
+    &Apache::lontexconvert::jsMath_reset();
     return OK;
 }
 
@@ -289,10 +290,7 @@ sub sso_login {
 	return undef;
     }
 
-    my ($user) = ($r->user =~ m/^($match_username)$/);
-    if ($user eq '') {
-        return undef;
-    }
+    my ($user) = ($r->user =~ m/([a-zA-Z0-9_\-@.]*)/);
 
     my $query = $r->args;
     my %form;
@@ -605,6 +603,12 @@ sub handler {
                             return HTTP_NOT_ACCEPTABLE;
                         }
                     }
+                } elsif (($handle =~ /^publicuser_\d+$/) && (&Apache::lonnet::is_portfolio_url($requrl))) {
+                    my $clientip = $r->get_remote_host();
+                    if (&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip) ne 'F') {
+                        $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+                        return HTTP_NOT_ACCEPTABLE;
+                    }
                 } else {
 		    $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
 		    return HTTP_NOT_ACCEPTABLE;
@@ -743,7 +747,8 @@ sub handler {
     }
 # ------------------------------------ See if this is a viewable portfolio file
     if (&Apache::lonnet::is_portfolio_url($requrl)) {
-	my $access=&Apache::lonnet::allowed('bre',$requrl);
+        my $clientip = $r->get_remote_host();
+        my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
 	if ($access eq 'A') {
 	    &Apache::restrictedaccess::setup_handler($r);
 	    return OK;