Annotation of loncom/auth/loncacc.pm, revision 1.8
1.1 albertel 1: # The LearningOnline Network
2: # Cookie Based Access Handler for Construction Area
3: # (lonacc: 5/21/99,5/22,5/29,5/31 Gerd Kortemeyer)
1.4 www 4: # 6/15,16/11,22/11,
1.6 www 5: # 01/06,01/11,6/1 Gerd Kortemeyer
1.1 albertel 6:
7: package Apache::loncacc;
8:
9: use strict;
1.8 ! www 10: use Apache::Constants qw(:common :http :methods);
1.7 www 11: use Apache::File;
1.1 albertel 12: use CGI::Cookie();
13:
14: sub handler {
15: my $r = shift;
16: my $requrl=$r->uri;
17: my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
18: my $lonid=$cookies{'lonID'};
19: my $cookie;
20: if ($lonid) {
21: my $handle=$lonid->value;
22: $handle=~s/\W//g;
23: my $lonidsdir=$r->dir_config('lonIDsDir');
24: if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
25: my $ownername=$requrl;
26: $ownername=~s/\/\~(\w+).*/\1/;
27: my $ownerdomain=$r->dir_config('lonDefDomain');
28: my @handleparts=split(/\_/,$handle);
29: my $username=$handleparts[0];
30: my $domain=$handleparts[2];
31: if (($username ne $ownername) || ($domain ne $ownerdomain)) {
32: $r->log_reason
33: ("$username at $domain not authorized", $r->filename);
34: return HTTP_NOT_ACCEPTABLE;
35: }
1.2 www 36: my @profile;
37: {
38: my $idf=Apache::File->new("$lonidsdir/$handle.id");
39: @profile=<$idf>;
40: }
41: my $envi;
42: for ($envi=0;$envi<=$#profile;$envi++) {
43: chomp($profile[$envi]);
44: my ($envname,$envvalue)=split(/=/,$profile[$envi]);
1.4 www 45: $r->subprocess_env("$envname" => "$envvalue");
1.2 www 46: }
1.4 www 47: $r->subprocess_env("user.environment" => "$lonidsdir/$handle.id",
48: "request.state" => "construct",
49: "request.filename" => $r->filename);
1.5 www 50: my $buffer;
1.8 ! www 51:
1.5 www 52: $r->read($buffer,$r->header_in('Content-length'));
53: my @pairs=split(/&/,$buffer);
54: my $pair; my $name; my $value;
55: foreach $pair (@pairs) {
56: ($name,$value) = split(/=/,$pair);
1.6 www 57: $value =~ tr/+/ /;
58: $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
1.5 www 59: $r->subprocess_env("form.$name" => $value);
60: }
1.8 ! www 61:
! 62: $r->method_number(M_GET);
! 63: $r->method('GET');
! 64: $r->headers_in->unset('Content-length');
! 65:
1.1 albertel 66: return OK;
67: } else {
68: $r->log_reason("Cookie $handle not valid", $r->filename)
69: };
70: }
1.6 www 71:
72: # ----------------------------------------------- Store where they wanted to go
73:
74: $ENV{'request.firsturl'}=$requrl;
1.1 albertel 75: return FORBIDDEN;
76: }
77:
78: 1;
79: __END__
80:
81:
82:
83:
84:
85:
86:
87:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>