Annotation of loncom/auth/lontokacc.pm, revision 1.3

1.1       www         1: # The LearningOnline Network
                      2: # Low security Access Handler for Token-based access 
                      3: # (clearance given by other loncapa host)
                      4: #
1.3     ! www         5: # $Id: lontokacc.pm,v 1.2 2002/07/27 19:06:41 www Exp $
1.1       www         6: #
                      7: # Copyright Michigan State University Board of Trustees
                      8: #
                      9: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                     10: #
                     11: # LON-CAPA is free software; you can redistribute it and/or modify
                     12: # it under the terms of the GNU General Public License as published by
                     13: # the Free Software Foundation; either version 2 of the License, or
                     14: # (at your option) any later version.
                     15: #
                     16: # LON-CAPA is distributed in the hope that it will be useful,
                     17: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     18: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     19: # GNU General Public License for more details.
                     20: #
                     21: # You should have received a copy of the GNU General Public License
                     22: # along with LON-CAPA; if not, write to the Free Software
                     23: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     24: #
                     25: # /home/httpd/html/adm/gpl.txt
                     26: #
                     27: # http://www.lon-capa.org/
                     28: #
                     29: 
                     30: package Apache::lontokacc;
                     31: 
                     32: use strict;
1.2       www        33: use Apache::Constants qw(:common);
1.1       www        34: use Apache::lonnet();
                     35: use Apache::loncommon();
                     36: 
                     37: sub handler {
                     38:     my $r = shift;
1.3     ! www        39:     my $query=$r->args;
        !            40:     &Apache::loncommon::get_unprocessed_cgi($query,['token','server']);
1.2       www        41:     my $tmpinfo='no_token';
1.1       www        42:     if (($ENV{'form.token'}) || ($ENV{'form.server'})) {
1.2       www        43:         $tmpinfo=&Apache::lonnet::unescape(
                     44:                    &Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
                     45:                                                     $ENV{'form.server'}));
1.3     ! www        46:         chomp($tmpinfo);
        !            47:         my $uri=$r->uri;
        !            48:         if ($tmpinfo=~/$uri$/) {
1.1       www        49: 	   return OK;
                     50:         }
                     51:     }
1.3     ! www        52:     $r->log_reason("Invalid token-based access:".$r->uri.' for '.$tmpinfo.'.',
1.2       www        53:         $r->filename); 
1.1       www        54:     return FORBIDDEN;
                     55: }
                     56: 
                     57: 1;
                     58: __END__
                     59: 
                     60: 

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>