--- loncom/auth/lonauth.pm 2004/03/16 20:42:50 1.62 +++ loncom/auth/lonauth.pm 2005/10/24 21:32:42 1.70 @@ -1,7 +1,7 @@ # The LearningOnline Network # User Authentication Module # -# $Id: lonauth.pm,v 1.62 2004/03/16 20:42:50 albertel Exp $ +# $Id: lonauth.pm,v 1.70 2005/10/24 21:32:42 albertel Exp $ # # Copyright Michigan State University Board of Trustees # @@ -25,13 +25,6 @@ # # http://www.lon-capa.org/ # -# 5/21/99,5/22,5/25,5/26,5/27,5/29,6/2,6/11,6/14,6/15 -# 16/11,12/16, -# 1/14,2/24,2/28,2/29,3/7,5/29,5/30,5/31,6/1,6/5,6/29, -# 7/1,7/10,10/2,10/5,10/9,10/26,10/30,11/10, -# 05/28,05/29 Gerd Kortemeyer -# 07/28,08/03 Gerd Kortemeyer -# 8/20 Gerd Kortemeyer package Apache::lonauth; @@ -43,7 +36,7 @@ use CGI::Cookie(); use DynaLoader; # for Crypt::DES version use Crypt::DES; use Apache::loncommon(); -use Apache::lonnet(); +use Apache::lonnet; use Apache::lonmenu(); use Fcntl qw(:flock); use Apache::lonlocal; @@ -56,27 +49,47 @@ sub success { my ($r, $username, $domain, $authhost,$lowerurl) = @_; my $lonids=$r->dir_config('lonIDsDir'); + my $public=($username eq 'public' && $domain eq 'public'); + # See if old ID present, if so, remove - my $filename; - opendir(DIR,$lonids); - while ($filename=readdir(DIR)) { - if ($filename=~/^$username\_\d+\_$domain\_$authhost\.id$/) { - unlink($lonids.'/'.$filename); - } - } - closedir(DIR); + my ($filename,$cookie,$userroles); + my $now=time; -# Give them a new cookie + if ($public) { + my $max_public=100; + my $oldest; + my $oldest_time=0; + for(my $next=1;$next<=$max_public;$next++) { + if (-e $lonids."/publicuser_$next.id") { + my $mtime=(stat($lonids."/publicuser_$next.id"))[9]; + if ($mtime<$oldest_time || !$oldest_time) { + $oldest_time=$mtime; + $oldest=$next; + } + } else { + $cookie="publicuser_$next"; + last; + } + } + if (!$cookie) { $cookie="publicuser_$oldest"; } + } else { + opendir(DIR,$lonids); + while ($filename=readdir(DIR)) { + if ($filename=~/^$username\_\d+\_$domain\_$authhost\.id$/) { + unlink($lonids.'/'.$filename); + } + } + closedir(DIR); - my $cookie; - my $now=time; - $cookie="$username\_$now\_$domain\_$authhost"; +# Give them a new cookie + $cookie="$username\_$now\_$domain\_$authhost"; + # Initialize roles - my $userroles=Apache::lonnet::rolesinit($domain,$username,$authhost); - + $userroles=Apache::lonnet::rolesinit($domain,$username,$authhost); + } # ------------------------------------ Check browser type and MathML capability my ($httpbrowser,$clientbrowser,$clientversion,$clientmathml, @@ -107,7 +120,9 @@ sub success { if (($userenv{'interface'}) && (!$FORM{'interface'})) { $FORM{'interface'}=$userenv{'interface'}; } - $ENV{'environment.remote'}=$userenv{'remote'}; + $env{'environment.remote'}=$userenv{'remote'}; + if ($userenv{'texengine'} eq 'ttm') { $clientmathml=1; } + # --------------- Do not trust query string to be put directly into environment foreach ('imagesuppress','appletsuppress', 'embedsuppress','fontenhance','blackwhite', @@ -141,12 +156,15 @@ sub success { print $idf "request.course.uri=\n"; print $idf "request.course.sec=\n"; print $idf "request.role=cm\n"; - print $idf "request.role.adv=$ENV{'user.adv'}\n"; + print $idf "request.role.adv=$env{'user.adv'}\n"; print $idf "request.host=$ENV{'REMOTE_ADDR'}\n"; + if ($public) { + print $idf "environment.remote=off\n"; + } if ($FORM{'interface'}) { $FORM{'interface'}=~s/\W//gs; print $idf "browser.interface=$FORM{'interface'}\n"; - $ENV{'browser.interface'}=$FORM{'interface'}; + $env{'browser.interface'}=$FORM{'interface'}; foreach ('imagesuppress','appletsuppress', 'embedsuppress','fontenhance','blackwhite') { if (($FORM{$_} eq 'true') || @@ -158,9 +176,9 @@ sub success { if ($userroles ne '') { print $idf "$userroles"; } $idf->close(); } - $ENV{'request.role'}='cm'; - $ENV{'request.role.adv'}=$ENV{'user.adv'}; - $ENV{'browser.type'}=$clientbrowser; + $env{'request.role'}='cm'; + $env{'request.role.adv'}=$env{'user.adv'}; + $env{'browser.type'}=$clientbrowser; # -------------------------------------------------------------------- Log this &Apache::lonnet::log($domain,$username,$authhost, @@ -177,14 +195,22 @@ sub success { # ------------------------------------------------------------ Get cookie ready + if ($public or $lowerurl eq 'noredirect') { return $cookie; } + $cookie="lonID=$cookie; path=/"; # -------------------------------------------------------- Menu script and info my $windowinfo=&Apache::lonmenu::open($clientos); my $startupremote=&Apache::lonmenu::startupremote($lowerurl); + my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl); my $setflags=&Apache::lonmenu::setflags(); my $maincall=&Apache::lonmenu::maincall(); my $bodytag=&Apache::loncommon::bodytag('Successful Login'); my $add=&addcontent(); + my $continuelink; + if (($env{'browser.interface'} eq 'textual') || + ($env{'environment.remote'} eq 'off')) { + $continuelink="".&mt('Continue').""; + } # ------------------------------------------------- Output for successful login $r->send_cgi_header(<$lt{'wel'} $lt{'mes'}.

$lt{'pro'}?

+$remoteinfo $maincall +$continuelink ENDSUCCESS @@ -337,7 +365,7 @@ ENDFAILED $FORM{$name}=$value; } - if ((!$FORM{'uname'}) || (!$FORM{'upass'}) || (!$FORM{'udom'})) { + if ((!$FORM{'uname'}) || (!$FORM{'upass0'}) || (!$FORM{'udom'})) { failed($r,'Username, password and domain need to be specified.'); return OK; } @@ -378,14 +406,17 @@ ENDFAILED else { $cipher=new DES $keybin; } + my $upass=''; + for (my $i=0;$i<=2;$i++) { + my $chunk= + $cipher->decrypt(unpack("a8",pack("H16",substr($FORM{'upass'.$i},0,16)))); - my $upass=$cipher->decrypt( - unpack("a8",pack("H16",substr($FORM{'upass'},0,16)))); + $chunk.= + $cipher->decrypt(unpack("a8",pack("H16",substr($FORM{'upass'.$i},16,16)))); - $upass.=$cipher->decrypt( - unpack("a8",pack("H16",substr($FORM{'upass'},16,16)))); - - $upass=substr($upass,1,ord(substr($upass,0,1))); + $chunk=substr($chunk,1,ord(substr($chunk,0,1))); + $upass.=$chunk; + } # ---------------------------------------------------------------- Authenticate my $authhost=Apache::lonnet::authenticate($FORM{'uname'},