--- loncom/interface/domainprefs.pm 2021/04/18 02:08:46 1.381
+++ loncom/interface/domainprefs.pm 2021/11/03 13:49:57 1.389
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler to set domain-wide configuration settings
#
-# $Id: domainprefs.pm,v 1.381 2021/04/18 02:08:46 raeburn Exp $
+# $Id: domainprefs.pm,v 1.389 2021/11/03 13:49:57 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -223,7 +223,7 @@ sub handler {
'ltitools','ssl','trust','lti','privacy','passwords',
'proctoring','wafproxy'],$dom);
my %encconfig =
- &Apache::lonnet::get_dom('encconfig',['ltitools','lti','proctoring'],$dom);
+ &Apache::lonnet::get_dom('encconfig',['ltitools','lti','proctoring'],$dom,undef,1);
if (ref($domconfig{'ltitools'}) eq 'HASH') {
if (ref($encconfig{'ltitools'}) eq 'HASH') {
foreach my $id (keys(%{$domconfig{'ltitools'}})) {
@@ -297,7 +297,10 @@ sub handler {
{col1 => 'Log-in Help',
col2 => 'Value'},
{col1 => 'Custom HTML in document head',
- col2 => 'Value'}],
+ col2 => 'Value'},
+ {col1 => 'SSO',
+ col2 => 'Dual login: SSO and non-SSO options'},
+ ],
print => \&print_login,
modify => \&modify_login,
},
@@ -632,7 +635,10 @@ sub handler {
{col1 => 'Log-in Help',
col2 => 'Value'},
{col1 => 'Custom HTML in document head',
- col2 => 'Value'}],
+ col2 => 'Value'},
+ {col1 => 'SSO',
+ col2 => 'Dual login: SSO and non-SSO options'},
+ ],
print => \&print_login,
modify => \&modify_login,
};
@@ -857,6 +863,10 @@ sub print_config_box {
$output .= &proctoring_javascript($settings);
} elsif ($action eq 'wafproxy') {
$output .= &wafproxy_javascript($dom);
+ } elsif ($action eq 'autoupdate') {
+ $output .= &autoupdate_javascript();
+ } elsif ($action eq 'login') {
+ $output .= &saml_javascript();
}
$output .=
'
'.
- ''.&mt('Domain: [_1]',$domain).' | '.
+ ''.&mt('Domain: [_1]',''.$domain.'').' | '.
'';
- foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') {
+ foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') {
my $showval = &mt('None');
+ if ($item eq 'ssl') {
+ $showval = $lt{'ssltossl'};
+ }
if ($values{$domain}{$item}) {
$showval = $values{$domain}{$item};
+ if ($item eq 'ssl') {
+ $showval = $lt{'alltossl'};
+ } elsif ($item eq 'remoteip') {
+ $showval = $ip_methods{$values{$domain}{$item}};
+ }
}
$datatable .= ''.
''.$lt{$item}.': '.$showval.' | ';
@@ -7531,7 +7804,7 @@ sub wafproxy_titles {
vpnaliased => 'via aliased hostname (WAF)',
vpnint => 'Internal IP Range(s) for VPN sessions',
vpnext => 'IP Range(s) for backend WAF connections',
- ssloptions => 'Forwarding http/https',
+ sslopt => 'Forwarding http/https',
alltossl => 'WAF forwards both http and https requests to https',
ssltossl => 'WAF forwards http requests to http and https to https',
);
@@ -11159,12 +11432,14 @@ sub usertype_update_row {
sub modify_login {
my ($r,$dom,$confname,$lastactref,%domconfig) = @_;
my ($resulttext,$errors,$colchgtext,%changes,%colchanges,%newfile,%newurl,
- %curr_loginvia,%loginhash,@currlangs,@newlangs,$addedfile,%title,@offon);
+ %curr_loginvia,%loginhash,@currlangs,@newlangs,$addedfile,%title,@offon,
+ %currsaml,%saml,%samltext,%samlimg,%samlalt,%samlurl,%samltitle,%samlnotsso);
%title = ( coursecatalog => 'Display course catalog',
adminmail => 'Display administrator E-mail address',
helpdesk => 'Display "Contact Helpdesk" link',
newuser => 'Link for visitors to create a user account',
- loginheader => 'Log-in box header');
+ loginheader => 'Log-in box header',
+ saml => 'Dual SSO and non-SSO login');
@offon = ('off','on');
if (ref($domconfig{login}) eq 'HASH') {
if (ref($domconfig{login}{loginvia}) eq 'HASH') {
@@ -11172,6 +11447,20 @@ sub modify_login {
$curr_loginvia{$lonhost} = $domconfig{login}{loginvia}{$lonhost};
}
}
+ if (ref($domconfig{login}{'saml'}) eq 'HASH') {
+ foreach my $lonhost (keys(%{$domconfig{login}{'saml'}})) {
+ if (ref($domconfig{login}{'saml'}{$lonhost}) eq 'HASH') {
+ $currsaml{$lonhost} = $domconfig{login}{'saml'}{$lonhost};
+ $saml{$lonhost} = 1;
+ $samltext{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'text'};
+ $samlurl{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'url'};
+ $samlalt{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'alt'};
+ $samlimg{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'img'};
+ $samltitle{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'title'};
+ $samlnotsso{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'notsso'};
+ }
+ }
+ }
}
($errors,%colchanges) = &modify_colors($r,$dom,$confname,['login'],
\%domconfig,\%loginhash);
@@ -11418,6 +11707,89 @@ sub modify_login {
$errors .= ''.$error.'';
}
}
+ my @delsamlimg = &Apache::loncommon::get_env_multiple('form.saml_img_del');
+ my @newsamlimgs;
+ foreach my $lonhost (keys(%domservers)) {
+ if ($env{'form.saml_'.$lonhost}) {
+ if ($env{'form.saml_img_'.$lonhost.'.filename'}) {
+ push(@newsamlimgs,$lonhost);
+ }
+ foreach my $item ('text','alt','url','title','notsso') {
+ $env{'form.saml_'.$item.'_'.$lonhost} =~ s/^\s+|\s+$//g;
+ }
+ if ($saml{$lonhost}) {
+ if (grep(/^\Q$lonhost\E$/,@delsamlimg)) {
+#FIXME Need to obsolete published image
+ delete($currsaml{$lonhost}{'img'});
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_alt_'.$lonhost} ne $samlalt{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_text_'.$lonhost} ne $samltext{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_url_'.$lonhost} ne $samlurl{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_title_'.$lonhost} ne $samltitle{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_notsso_'.$lonhost} ne $samlnotsso{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ } else {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ foreach my $item ('text','alt','url','title','notsso') {
+ $currsaml{$lonhost}{$item} = $env{'form.saml_'.$item.'_'.$lonhost};
+ }
+ } else {
+ if ($saml{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ delete($currsaml{$lonhost});
+ }
+ }
+ }
+ foreach my $posshost (keys(%currsaml)) {
+ unless (exists($domservers{$posshost})) {
+ delete($currsaml{$posshost});
+ }
+ }
+ %{$loginhash{'login'}{'saml'}} = %currsaml;
+ if (@newsamlimgs) {
+ my $error;
+ my ($configuserok,$author_ok,$switchserver) = &config_check($dom,$confname,$servadm);
+ if ($configuserok eq 'ok') {
+ if ($switchserver) {
+ $error = &mt("Upload of SSO Button Image is not permitted to this server: [_1].",$switchserver);
+ } elsif ($author_ok eq 'ok') {
+ foreach my $lonhost (@newsamlimgs) {
+ my $formelem = 'saml_img_'.$lonhost;
+ my ($result,$imgurl) = &publishlogo($r,'upload',$formelem,$dom,$confname,
+ "login/saml/$lonhost",'','',
+ $env{'form.saml_img_'.$lonhost.'.filename'});
+ if ($result eq 'ok') {
+ $currsaml{$lonhost}{'img'} = $imgurl;
+ $loginhash{'login'}{'saml'}{$lonhost}{'img'} = $imgurl;
+ $changes{'saml'}{$lonhost} = 1;
+ } else {
+ my $puberror = &mt("Upload of SSO button image failed for [_1] because an error occurred publishing the file in RES space. Error was: [_2].",
+ $lonhost,$result);
+ $errors .= ''.$puberror.'';
+ }
+ }
+ } else {
+ $error = &mt("Upload of SSO button image file(s) failed because an author role could not be assigned to a Domain Configuration user ([_1]) in domain: [_2]. Error was: [_3].",$confname,$dom,$author_ok);
+ }
+ } else {
+ $error = &mt("Upload of SSO button image file(s) failed because a Domain Configuration user ([_1]) could not be created in domain: [_2]. Error was: [_3].",$confname,$dom,$configuserok);
+ }
+ if ($error) {
+ &Apache::lonnet::logthis($error);
+ $errors .= ''.$error.'';
+ }
+ }
&process_captcha('login',\%changes,$loginhash{'login'},$domconfig{'login'});
my $defaulthelpfile = '/adm/loginproblems.html';
@@ -11458,6 +11830,31 @@ sub modify_login {
}
if (keys(%changes) > 0 || $colchgtext) {
&Apache::loncommon::devalidate_domconfig_cache($dom);
+ if (exists($changes{'saml'})) {
+ my $hostid_in_use;
+ my @hosts = &Apache::lonnet::current_machine_ids();
+ if (@hosts > 1) {
+ foreach my $hostid (@hosts) {
+ if (&Apache::lonnet::host_domain($hostid) eq $dom) {
+ $hostid_in_use = $hostid;
+ last;
+ }
+ }
+ } else {
+ $hostid_in_use = $r->dir_config('lonHostID');
+ }
+ if (($hostid_in_use) &&
+ (&Apache::lonnet::host_domain($hostid_in_use) eq $dom)) {
+ &Apache::lonnet::devalidate_cache_new('samllanding',$hostid_in_use);
+ }
+ if (ref($lastactref) eq 'HASH') {
+ if (ref($changes{'saml'}) eq 'HASH') {
+ my %updates;
+ map { $updates{$_} = 1; } keys(%{$changes{'saml'}});
+ $lastactref->{'samllanding'} = \%updates;
+ }
+ }
+ }
if (ref($lastactref) eq 'HASH') {
$lastactref->{'domainconfig'} = 1;
}
@@ -11537,6 +11934,38 @@ sub modify_login {
}
}
}
+ } elsif ($item eq 'saml') {
+ if (ref($changes{$item}) eq 'HASH') {
+ my %notlt = (
+ text => 'Text for log-in by SSO',
+ img => 'SSO button image',
+ alt => 'Alt text for button image',
+ url => 'SSO URL',
+ title => 'Tooltip for SSO link',
+ notsso => 'Text for non-SSO log-in',
+ );
+ foreach my $lonhost (sort(keys(%{$changes{$item}}))) {
+ if (ref($currsaml{$lonhost}) eq 'HASH') {
+ $resulttext .= ''.&mt("$title{$item} in use for [_1]","$lonhost").
+ '';
+ foreach my $key ('text','img','alt','url','title','notsso') {
+ if ($currsaml{$lonhost}{$key} eq '') {
+ $resulttext .= '- '.&mt("$notlt{$key} not in use").'
';
+ } else {
+ my $value = "'$currsaml{$lonhost}{$key}'";
+ if ($key eq 'img') {
+ $value = '';
+ }
+ $resulttext .= '- '.&mt("$notlt{$key} set to: [_1]",
+ $value).'
';
+ }
+ }
+ $resulttext .= ' ';
+ } else {
+ $resulttext .= ''.&mt("$title{$item} not in use for [_1]",$lonhost).'';
+ }
+ }
+ }
} elsif ($item eq 'captcha') {
if (ref($loginhash{'login'}) eq 'HASH') {
my $chgtxt;
@@ -13505,7 +13934,7 @@ sub modify_ltitools {
my %ltienchash = (
$action => { %encconfig }
);
- &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom);
+ &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom,undef,1);
if (keys(%changes) > 0) {
my $cachetime = 24*60*60;
my %ltiall = %confhash;
@@ -14079,7 +14508,7 @@ sub modify_proctoring {
my %proc_enchash = (
$action => { %encconfhash }
);
- &Apache::lonnet::put_dom('encconfig',\%proc_enchash,$dom);
+ &Apache::lonnet::put_dom('encconfig',\%proc_enchash,$dom,undef,1);
if (keys(%changes) > 0) {
my $cachetime = 24*60*60;
my %procall = %confhash;
@@ -14571,7 +15000,7 @@ sub modify_lti {
my %ltienchash = (
$action => { %encconfig }
);
- &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom);
+ &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom,undef,1);
if (keys(%changes) > 0) {
my $cachetime = 24*60*60;
my %ltiall = %confhash;
@@ -14913,8 +15342,10 @@ sub modify_autoupdate {
}
my @offon = ('off','on');
my %title = &Apache::lonlocal::texthash (
- run => 'Auto-update:',
- classlists => 'Updates to user information in classlists?'
+ run => 'Auto-update:',
+ classlists => 'Updates to user information in classlists?',
+ unexpired => 'Skip updates for users without active or future roles?',
+ lastactive => 'Skip updates for inactive users?',
);
my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom);
my %fieldtitles = &Apache::lonlocal::texthash (
@@ -14958,12 +15389,23 @@ sub modify_autoupdate {
my %updatehash = (
autoupdate => { run => $env{'form.autoupdate_run'},
classlists => $env{'form.classlists'},
+ unexpired => $env{'form.unexpired'},
fields => {%fields},
lockablenames => \@lockablenames,
}
);
+ my $lastactivedays;
+ if ($env{'form.lastactive'}) {
+ $lastactivedays = $env{'form.lastactivedays'};
+ $lastactivedays =~ s/^\s+|\s+$//g;
+ unless ($lastactivedays =~ /^\d+$/) {
+ undef($lastactivedays);
+ $env{'form.lastactive'} = 0;
+ }
+ }
+ $updatehash{'autoupdate'}{'lastactive'} = $lastactivedays;
foreach my $key (keys(%currautoupdate)) {
- if (($key eq 'run') || ($key eq 'classlists')) {
+ if (($key eq 'run') || ($key eq 'classlists') || ($key eq 'unexpired') || ($key eq 'lastactive')) {
if (exists($updatehash{autoupdate}{$key})) {
if ($currautoupdate{$key} ne $updatehash{autoupdate}{$key}) {
$changes{$key} = 1;
@@ -15009,6 +15451,16 @@ sub modify_autoupdate {
$changes{'lockablenames'} = 1;
}
}
+ unless (grep(/^unexpired$/,keys(%currautoupdate))) {
+ if ($updatehash{'autoupdate'}{'unexpired'}) {
+ $changes{'unexpired'} = 1;
+ }
+ }
+ unless (grep(/^lastactive$/,keys(%currautoupdate))) {
+ if ($updatehash{'autoupdate'}{'lastactive'} ne '') {
+ $changes{'lastactive'} = 1;
+ }
+ }
foreach my $item (@{$types},'default') {
if (defined($fields{$item})) {
if (ref($currautoupdate{'fields'}) eq 'HASH') {
@@ -15071,6 +15523,11 @@ sub modify_autoupdate {
my $newvalue;
if ($key eq 'run') {
$newvalue = $offon[$env{'form.autoupdate_run'}];
+ } elsif ($key eq 'lastactive') {
+ $newvalue = $offon[$env{'form.lastactive'}];
+ unless ($lastactivedays eq '') {
+ $newvalue .= '; '.&mt('inactive = no activity in last [quant,_1,day]',$lastactivedays);
+ }
} else {
$newvalue = $offon[$env{'form.'.$key}];
}
@@ -19810,8 +20267,8 @@ sub modify_selfenrollment {
sub modify_wafproxy {
my ($dom,$action,$lastactref,%domconfig) = @_;
my %servers = &Apache::lonnet::internet_dom_servers($dom);
- my (%othercontrol,%canset,%values,%curralias,%currvalue,@warnings,%wafproxy,
- %changes,%expirecache);
+ my (%othercontrol,%canset,%values,%curralias,%currsaml,%currvalue,@warnings,
+ %wafproxy,%changes,%expirecache,%expiresaml);
foreach my $server (sort(keys(%servers))) {
my $serverhome = &Apache::lonnet::get_server_homeID($servers{$server});
if ($serverhome eq $server) {
@@ -19826,13 +20283,17 @@ sub modify_wafproxy {
if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') {
%curralias = %{$domconfig{'wafproxy'}{'alias'}};
}
- foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') {
+ if (ref($domconfig{'wafproxy'}{'saml'}) eq 'HASH') {
+ %currsaml = %{$domconfig{'wafproxy'}{'saml'}};
+ }
+ foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') {
$currvalue{$item} = $domconfig{'wafproxy'}{$item};
}
}
my $output;
if (keys(%canset)) {
%{$wafproxy{'alias'}} = ();
+ %{$wafproxy{'saml'}} = ();
foreach my $key (sort(keys(%canset))) {
if ($env{'form.wafproxy_'.$dom}) {
$wafproxy{'alias'}{$key} = $env{'form.wafproxy_alias_'.$key};
@@ -19840,11 +20301,21 @@ sub modify_wafproxy {
if ($wafproxy{'alias'}{$key} ne $curralias{$key}) {
$changes{'alias'} = 1;
}
+ if ($env{'form.wafproxy_alias_saml_'.$key}) {
+ $wafproxy{'saml'}{$key} = 1;
+ }
+ if ($wafproxy{'saml'}{$key} ne $currsaml{$key}) {
+ $changes{'saml'} = 1;
+ }
} else {
$wafproxy{'alias'}{$key} = '';
+ $wafproxy{'saml'}{$key} = '';
if ($curralias{$key}) {
$changes{'alias'} = 1;
}
+ if ($currsaml{$key}) {
+ $changes{'saml'} = 1;
+ }
}
if ($wafproxy{'alias'}{$key} eq '') {
if ($curralias{$key}) {
@@ -19852,17 +20323,26 @@ sub modify_wafproxy {
}
delete($wafproxy{'alias'}{$key});
}
+ if ($wafproxy{'saml'}{$key} eq '') {
+ if ($currsaml{$key}) {
+ $expiresaml{$key} = 1;
+ }
+ delete($wafproxy{'saml'}{$key});
+ }
}
unless (keys(%{$wafproxy{'alias'}})) {
delete($wafproxy{'alias'});
}
- # Localization for values in %warn occus in &mt() calls separately.
+ unless (keys(%{$wafproxy{'saml'}})) {
+ delete($wafproxy{'saml'});
+ }
+ # Localization for values in %warn occurs in &mt() calls separately.
my %warn = (
trusted => 'trusted IP range(s)',
vpnint => 'internal IP range(s) for VPN sessions(s)',
vpnext => 'IP range(s) for backend WAF connections',
);
- foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') {
+ foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') {
my $possible = $env{'form.wafproxy_'.$item};
$possible =~ s/^\s+|\s+$//g;
if ($possible ne '') {
@@ -19874,6 +20354,10 @@ sub modify_wafproxy {
if ($wafproxy{'remoteip'} eq 'h') {
$wafproxy{$item} = $possible;
}
+ } elsif ($item eq 'sslopt') {
+ if ($possible =~ /^0|1$/) {
+ $wafproxy{$item} = $possible;
+ }
} else {
my (@ok,$count);
if (($item eq 'vpnint') || ($item eq 'vpnext')) {
@@ -19920,6 +20404,9 @@ sub modify_wafproxy {
} else {
if (keys(%curralias)) {
$changes{'alias'} = 1;
+ }
+ if (keys(%currsaml)) {
+ $changes{'saml'} = 1;
}
if (keys(%currvalue)) {
foreach my $key (keys(%currvalue)) {
@@ -19936,7 +20423,7 @@ sub modify_wafproxy {
if ($putresult eq 'ok') {
my $cachetime = 24*60*60;
my (%domdefaults,$updatedomdefs);
- foreach my $item ('ipheader','trusted','vpnint','vpnext') {
+ foreach my $item ('ipheader','trusted','vpnint','vpnext','sslopt') {
if ($changes{$item}) {
unless ($updatedomdefs) {
%domdefaults = &Apache::lonnet::get_domain_defaults($dom);
@@ -19972,8 +20459,25 @@ sub modify_wafproxy {
$lastactref->{'proxyalias'} = \%updates;
}
}
+ if ((exists($wafproxy{'saml'})) || (keys(%expiresaml))) {
+ my %samlupdates = %expiresaml;
+ foreach my $key (keys(%expiresaml)) {
+ &Apache::lonnet::devalidate_cache_new('proxysaml',$key);
+ }
+ if (ref($wafproxy{'saml'}) eq 'HASH') {
+ my $cachetime = 24*60*60;
+ foreach my $key (keys(%{$wafproxy{'saml'}})) {
+ $samlupdates{$key} = 1;
+ &Apache::lonnet::do_cache_new('proxysaml',$key,$wafproxy{'saml'}{$key},
+ $cachetime);
+ }
+ }
+ if (ref($lastactref) eq 'HASH') {
+ $lastactref->{'proxysaml'} = \%samlupdates;
+ }
+ }
$output = &mt('Changes were made to Web Application Firewall/Reverse Proxy').'';
- foreach my $item ('alias','remoteip','ipheader','trusted','vpnint','vpnext') {
+ foreach my $item ('alias','remoteip','ipheader','trusted','vpnint','vpnext','sslopt') {
if ($changes{$item}) {
if ($item eq 'alias') {
my $numaliased = 0;
@@ -19995,6 +20499,19 @@ sub modify_wafproxy {
unless ($numaliased) {
$output .= '- '.&mt('Aliases deleted for hostnames').'
';
}
+ } elsif ($item eq 'saml') {
+ my $shown;
+ if (ref($wafproxy{'saml'}) eq 'HASH') {
+ if (keys(%{$wafproxy{'saml'}})) {
+ $shown = join(', ',sort(keys(%{$wafproxy{'saml'}})));
+ }
+ }
+ if ($shown) {
+ $output .= '- '.&mt('Alias used by Shibboleth for: [_1]',
+ $shown).'
';
+ } else {
+ $output .= '- '.&mt('No alias used for Shibboleth').'
';
+ }
} else {
if ($item eq 'remoteip') {
my %ip_methods = &remoteip_methods();
@@ -20037,6 +20554,12 @@ sub modify_wafproxy {
} else {
$output .= '- '.&mt('IP Range(s) for backend WAF connections deleted').'
';
}
+ } elsif ($item eq 'sslopt') {
+ if ($wafproxy{$item}) {
+ $output .= '- '.&mt('WAF/Reverse Proxy expected to forward requests to https on LON-CAPA node, regardless of original protocol in web browser (http or https).').'
';
+ } else {
+ $output .= '- '.&mt('WAF/Reverse Proxy expected to preserve original protocol in web browser (either http or https) when forwarding to LON-CAPA node.').'
';
+ }
}
}
}
@@ -21001,8 +21524,13 @@ sub modify_loadbalancing {
}
}
if ($changes{'curr'}{$balancer}{'cookie'}) {
- $resulttext .= '- '.&mt('Load Balancer: [_1] -- cookie use enabled',
- $balancer).'
';
+ if ($currcookies{$balancer}) {
+ $resulttext .= '- '.&mt('Load Balancer: [_1] -- cookie use disabled',
+ $balancer).'
';
+ } else {
+ $resulttext .= '- '.&mt('Load Balancer: [_1] -- cookie use enabled',
+ $balancer).'
';
+ }
}
}
}
@@ -21782,15 +22310,34 @@ sub devalidate_remote_domconfs {
my %thismachine;
map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids();
my @posscached = ('domainconfig','domdefaults','ltitools','usersessions',
- 'directorysrch','passwdconf','cats','proxyalias');
+ 'directorysrch','passwdconf','cats','proxyalias','proxysaml');
+ my %cache_by_lonhost;
+ if (exists($cachekeys->{'samllanding'})) {
+ if (ref($cachekeys->{'samllanding'}) eq 'HASH') {
+ my %landing = %{$cachekeys->{'samllanding'}};
+ my %domservers = &Apache::lonnet::get_servers($dom);
+ if (keys(%domservers)) {
+ foreach my $server (keys(%domservers)) {
+ my @cached;
+ next if ($thismachine{$server});
+ if ($landing{$server}) {
+ push(@cached,&escape('samllanding').':'.&escape($server));
+ }
+ if (@cached) {
+ $cache_by_lonhost{$server} = \@cached;
+ }
+ }
+ }
+ }
+ }
if (keys(%servers)) {
foreach my $server (keys(%servers)) {
next if ($thismachine{$server});
my @cached;
foreach my $name (@posscached) {
if ($cachekeys->{$name}) {
- if ($name eq 'proxyalias') {
- if (ref($cachekeys->{$name}) eq 'HASH') {
+ if (($name eq 'proxyalias') || ($name eq 'proxysaml')) {
+ if (ref($cachekeys->{$name}) eq 'HASH') {
foreach my $key (keys(%{$cachekeys->{$name}})) {
push(@cached,&escape($name).':'.&escape($key));
}
@@ -21800,6 +22347,10 @@ sub devalidate_remote_domconfs {
}
}
}
+ if ((exists($cache_by_lonhost{$server})) &&
+ (ref($cache_by_lonhost{$server}) eq 'ARRAY')) {
+ push(@cached,@{$cache_by_lonhost{$server}});
+ }
if (@cached) {
&Apache::lonnet::remote_devalidate_cache($server,\@cached);
}
|