Annotation of loncom/auth/lonracc.pm, revision 1.8
1.1 albertel 1: # The LearningOnline Network
2: # Access Handler for File Transfers
1.3 www 3: #
1.8 ! albertel 4: # $Id: lonracc.pm,v 1.7 2002/10/29 18:34:33 matthew Exp $
1.3 www 5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
1.1 albertel 28: # (lonacc: Cookie Based Access Handler
29: # 5/21/99,5/22,5/29,5/31,6/15 Gerd Kortemeyer)
1.2 www 30: # 6/16,6/18,7/3,
31: # 6/30/00 Gerd Kortemeyer
1.1 albertel 32:
33: package Apache::lonracc;
34:
35: use strict;
36: use Apache::Constants qw(:common :remotehost);
1.5 albertel 37: use Apache::lonnet();
1.1 albertel 38: use Apache::File();
39:
1.5 albertel 40: sub subscribed {
41: my ($filename,$id) = @_;
42: my $found=0;
43: my $expr='^'.$id.':'.$Apache::lonnet::hostip{$id}.':';
44: $expr =~ s/\./\\\./g;
45: my $sh;
46: if ($sh=Apache::File->new("$filename.subscription")) {
47: while (my $subline=<$sh>) { if ($subline =~ /$expr/) { $found=1; } }
48: $sh->close();
49: }
50: return $found;
51: }
52:
1.1 albertel 53: sub handler {
54: my $r = shift;
1.6 bowersj2 55: my $reqhost = $r->get_remote_host(REMOTE_DOUBLE_REV);
56: if (!$reqhost && $r->get_remote_host(REMOTE_NOLOOKUP) eq $r->get_server_name()) {
57: $reqhost = $r->get_server_name();
58: }
1.7 matthew 59: unless ($reqhost) {
1.6 bowersj2 60: $r->log_reason("Spoof request from ".$ENV{'REMOTE_ADDR'});
1.1 albertel 61: return FORBIDDEN;
62: }
63: my $readline;
64: my $lontabdir=$r->dir_config('lonTabDir');
65: {
66: my $fh;
67: unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) {
68: $r->log_reason("Could not find host tab file");
69: return FORBIDDEN;
70: }
71: while ($readline=<$fh>) {
1.8 ! albertel 72: my $return;
1.1 albertel 73: my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
74: if ($name =~ /$reqhost/i) {
75: my $filename=$r->filename;
1.5 albertel 76: if ((-e "$filename.$id") ||
77: &subscribed($filename,$id) ||
78: ($filename=~/\.meta$/)) {
1.1 albertel 79: return OK;
80: } else {
1.8 ! albertel 81: $return=FORBIDDEN;
1.1 albertel 82: }
83: }
84: }
1.8 ! albertel 85: if ($return == FORBIDDEN) {
! 86: $r->log_reason("$id not subscribed", $r->filename);
! 87: }
1.1 albertel 88: }
89: $r->log_reason("Invalid request for file transfer from $reqhost",
90: $r->filename);
91: return FORBIDDEN;
92: }
93:
94: 1;
95: __END__
96:
1.4 harris41 97: =head1 NAME
98:
99: Apache::lonracc - Access Handler for File Transfers
100:
101: =head1 SYNOPSIS
102:
103: Invoked by /etc/httpd/conf/loncapa.conf:
104:
105: <LocationMatch "^/raw.*">
106: PerlAccessHandler Apache::lonracc
107: </LocationMatch>
108:
109: =head1 INTRODUCTION
110:
111: This module enables authentication for file transfers and works
112: against the /res tree.
113:
114: Only lond invokes the /raw namespace through its subscribe function.
115:
116: This is part of the LearningOnline Network with CAPA project
117: described at http://www.lon-capa.org.
118:
119: =head1 HANDLER SUBROUTINE
120:
121: This routine is called by Apache and mod_perl.
122:
123: =over 4
124:
125: =item *
126:
127: Determine requesting host
128:
129: =item *
130:
131: See whether or not the requesting host is subscribed.
132:
133: =item *
134:
135: Respond with status of request and make log entry in case of unallowed
136: access.
137:
138: =back
139:
140: =cut
1.1 albertel 141:
142:
143:
144:
145:
146:
147:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonracc.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth