--- loncom/auth/lonauth.pm 2021/12/16 21:48:19 1.121.2.23 +++ loncom/auth/lonauth.pm 2024/10/09 17:56:24 1.121.2.27 @@ -1,7 +1,7 @@ # The LearningOnline Network # User Authentication Module # -# $Id: lonauth.pm,v 1.121.2.23 2021/12/16 21:48:19 raeburn Exp $ +# $Id: lonauth.pm,v 1.121.2.27 2024/10/09 17:56:24 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -29,7 +29,7 @@ package Apache::lonauth; use strict; -use LONCAPA; +use LONCAPA qw(:DEFAULT :match); use Apache::Constants qw(:common); use CGI qw(:standard); use Apache::loncommon(); @@ -41,6 +41,7 @@ use Apache::lonlocal; use Apache::File(); use HTML::Entities; use Digest::MD5; +use CGI::Cookie(); # ------------------------------------------------------------ Successful login sub success { @@ -148,6 +149,27 @@ sub success { } my $windowinfo=&Apache::lonmenu::open($env{'browser.os'}); + if ($env{'environment.remote'} eq 'on') { + my $checkexempt; + if ($env{'user.loadbalexempt'} eq $r->dir_config('lonHostID')) { + if ($env{'user.loadbalcheck.time'} + 600 > time) { + $checkexempt = 1; + } + } + if ($env{'user.noloadbalance'} eq $r->dir_config('lonHostID')) { + $checkexempt = 1; + } + unless (($checkexempt) || + (($destination =~ m{^/adm/switchserver}) && (!$r->is_initial_req()))) { + my ($is_balancer,$otherserver) = + &Apache::lonnet::check_loadbalancing($env{'user.name'}, + $env{'user.domain'}); + if (($is_balancer) && ($otherserver ne '') && + ($otherserver ne $r->dir_config('lonHostID'))) { + $env{'environment.remote'} = 'off'; + } + } + } my $startupremote=&Apache::lonmenu::startupremote($destination); my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl); my $setflags=&Apache::lonmenu::setflags(); @@ -420,9 +442,33 @@ sub handler { # --------------------------------------------------------------------- Failed? if ($authhost eq 'no_host') { - &failed($r,'Username and/or password could not be authenticated.', - \%form); - return OK; + my $pwdverify; + if (&Apache::lonnet::homeserver($form{'uname'},$form{'udom'}) eq 'no_host') { + my %possunames = &alternate_unames_check($form{'uname'},$form{'udom'}); + if (keys(%possunames) > 0) { + foreach my $rulematch (keys(%possunames)) { + my $possuname = $possunames{$rulematch}; + if (($possuname ne '') && ($possuname =~ /^$match_username$/)) { + $authhost=Apache::lonnet::authenticate($possuname,$upass, + $form{'udom'},undef, + $clientcancheckhost); + if (($authhost eq 'no_host') || ($authhost eq 'no_account_on_host')) { + next; + } elsif (($authhost ne '') && (&Apache::lonnet::hostname($authhost) ne '')) { + $pwdverify = 1; + &Apache::lonnet::logthis("Authenticated user: $possuname was submitted as: $form{'uname'}"); + $form{'uname'} = $possuname; + last; + } + } + } + } + } + unless ($pwdverify) { + &failed($r,'Username and/or password could not be authenticated.', + \%form); + return OK; + } } elsif ($authhost eq 'no_account_on_host') { if ($defaultauth) { my $domdesc = &Apache::lonnet::domain($form{'udom'},'description'); @@ -810,6 +856,20 @@ sub loginhelpdisplay { return; } +sub alternate_unames_check { + my ($uname,$udom) = @_; + my %possunames; + my %domdefs = &Apache::lonnet::get_domain_defaults($udom); + if (ref($domdefs{'unamemap_rule'}) eq 'ARRAY') { + if (@{$domdefs{'unamemap_rule'}} > 0) { + %possunames = + &Apache::lonnet::inst_rulecheck($udom,$uname,undef, + 'unamemap',$domdefs{'unamemap_rule'}); + } + } + return %possunames; +} + 1; __END__