Annotation of loncom/auth/loncacc.pm, revision 1.12
1.1 albertel 1: # The LearningOnline Network
2: # Cookie Based Access Handler for Construction Area
3: # (lonacc: 5/21/99,5/22,5/29,5/31 Gerd Kortemeyer)
1.4 www 4: # 6/15,16/11,22/11,
1.12 ! www 5: # 01/06,01/11,6/1,9/25,9/28,11/22,12/25 Gerd Kortemeyer
1.1 albertel 6:
7: package Apache::loncacc;
8:
9: use strict;
1.8 www 10: use Apache::Constants qw(:common :http :methods);
1.7 www 11: use Apache::File;
1.1 albertel 12: use CGI::Cookie();
13:
14: sub handler {
15: my $r = shift;
16: my $requrl=$r->uri;
17: my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
18: my $lonid=$cookies{'lonID'};
19: my $cookie;
20: if ($lonid) {
21: my $handle=$lonid->value;
22: $handle=~s/\W//g;
23: my $lonidsdir=$r->dir_config('lonIDsDir');
24: if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
25: my $ownername=$requrl;
1.11 www 26: $ownername=~s/\/(?:\~|priv\/)(\w+).*/\1/;
1.1 albertel 27: my $ownerdomain=$r->dir_config('lonDefDomain');
28: my @handleparts=split(/\_/,$handle);
29: my $username=$handleparts[0];
30: my $domain=$handleparts[2];
31: if (($username ne $ownername) || ($domain ne $ownerdomain)) {
32: $r->log_reason
33: ("$username at $domain not authorized", $r->filename);
34: return HTTP_NOT_ACCEPTABLE;
35: }
1.2 www 36: my @profile;
37: {
38: my $idf=Apache::File->new("$lonidsdir/$handle.id");
39: @profile=<$idf>;
40: }
41: my $envi;
42: for ($envi=0;$envi<=$#profile;$envi++) {
43: chomp($profile[$envi]);
44: my ($envname,$envvalue)=split(/=/,$profile[$envi]);
1.9 www 45: $ENV{$envname} = $envvalue;
1.2 www 46: }
1.9 www 47: $ENV{'user.environment'} = "$lonidsdir/$handle.id";
48: $ENV{'request.state'} = "construct";
49: $ENV{'request.filename'} = $r->filename;
50:
51: # -------------------------------------------------------- Load POST parameters
52:
53:
1.12 ! www 54: my $buffer;
1.8 www 55:
1.12 ! www 56: $r->read($buffer,$r->header_in('Content-length'));
! 57:
! 58: unless ($buffer=~/^(\-+\w+)\s+Content\-Disposition\:\s*form\-data/si) {
1.5 www 59: my @pairs=split(/&/,$buffer);
1.9 www 60: my $pair;
1.5 www 61: foreach $pair (@pairs) {
1.9 www 62: my ($name,$value) = split(/=/,$pair);
1.6 www 63: $value =~ tr/+/ /;
64: $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
1.10 www 65: $name =~ tr/+/ /;
66: $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
1.9 www 67: $ENV{"form.$name"}=$value;
1.5 www 68: }
1.12 ! www 69: } else {
! 70: my $contentsep=$1;
! 71: my @lines = split (/\n/,$buffer);
! 72: my $name='';
! 73: my $value='';
! 74: my $fname='';
! 75: my $fmime='';
! 76: my $i;
! 77: for ($i=0;$i<=$#lines;$i++) {
! 78: if ($lines[$i]=~/^$contentsep/) {
! 79: if ($name) {
! 80: chomp($value);
! 81: $ENV{"form.$name"}=$value;
! 82: if ($fname) {
! 83: $ENV{"form.$name.filename"}=$fname;
! 84: $ENV{"form.$name.mimetype"}=$fmime;
! 85: }
! 86: }
! 87: if ($i<$#lines) {
! 88: $i++;
! 89: $lines[$i]=~
! 90: /Content\-Disposition\:\s*form\-data\;\s*name\=\"([^\"]+)\"/i;
! 91: $name=$1;
! 92: $value='';
! 93: if ($lines[$i]=~/filename\=\"([^\"]+)\"/i) {
! 94: $fname=$1;
! 95: if
! 96: ($lines[$i+1]=~/Content\-Type\:\s*([\w\-\/]+)/i) {
! 97: $fmime=$1;
! 98: $i++;
! 99: } else {
! 100: $fmime='';
! 101: }
! 102: } else {
! 103: $fname='';
! 104: $fmime='';
! 105: }
! 106: $i++;
! 107: }
! 108: } else {
! 109: $value.=$lines[$i]."\n";
! 110: }
! 111: }
! 112: }
1.8 www 113: $r->method_number(M_GET);
114: $r->method('GET');
115: $r->headers_in->unset('Content-length');
116:
1.1 albertel 117: return OK;
118: } else {
119: $r->log_reason("Cookie $handle not valid", $r->filename)
120: };
121: }
1.6 www 122:
123: # ----------------------------------------------- Store where they wanted to go
124:
125: $ENV{'request.firsturl'}=$requrl;
1.1 albertel 126: return FORBIDDEN;
127: }
128:
129: 1;
130: __END__
131:
132:
133:
134:
135:
136:
137:
138:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to loncacc.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth