loncom/interface/domainprefs.pm - diff

Return to domainprefs.pm CVS log

Up to [LON-CAPA] / loncom / interface

Diff for /loncom/interface/domainprefs.pm between versions 1.387 and 1.388

version 1.387, 2021/09/27 03:26:24	version 1.388, 2021/10/07 15:51:15
Line 7518 sub print_wafproxy {	Line 7518 sub print_wafproxy {
my $itemcount = 0;	my $itemcount = 0;
my $datatable;	my $datatable;
my %servers = &Apache::lonnet::internet_dom_servers($dom);	my %servers = &Apache::lonnet::internet_dom_servers($dom);
my (%othercontrol,%otherdoms,%aliases,%values,$setdom,$showdom);	my (%othercontrol,%otherdoms,%aliases,%saml,%values,$setdom,$showdom);
my %lt = &wafproxy_titles();	my %lt = &wafproxy_titles();
foreach my $server (sort(keys(%servers))) {	foreach my $server (sort(keys(%servers))) {
my $serverhome = &Apache::lonnet::get_server_homeID($servers{$server});	my $serverhome = &Apache::lonnet::get_server_homeID($servers{$server});
Line 7543 sub print_wafproxy {	Line 7543 sub print_wafproxy {
$showdom = 1;	$showdom = 1;
}	}
}	}
	if (ref($settings->{'saml'}) eq 'HASH') {
	$saml{$dom} = $settings->{'saml'};
	}
}	}
}	}
}	}
Line 7562 sub print_wafproxy {	Line 7565 sub print_wafproxy {
my %config = &Apache::lonnet::get_dom('configuration',['wafproxy'],$domain);	my %config = &Apache::lonnet::get_dom('configuration',['wafproxy'],$domain);
if (ref($config{'wafproxy'}) eq 'HASH') {	if (ref($config{'wafproxy'}) eq 'HASH') {
$aliases{$domain} = $config{'wafproxy'}{'alias'};	$aliases{$domain} = $config{'wafproxy'}{'alias'};
	if (exists($config{'wafproxy'}{'saml'})) {
	$saml{$domain} = $config{'wafproxy'}{'saml'};
	}
foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') {	foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext') {
$values{$domain}{$item} = $config{'wafproxy'}{$item};	$values{$domain}{$item} = $config{'wafproxy'}{$item};
}	}
Line 7580 sub print_wafproxy {	Line 7586 sub print_wafproxy {
'<i>'.&Apache::lonnet::hostname($server).'</i></td><td> </td>';	'<i>'.&Apache::lonnet::hostname($server).'</i></td><td> </td>';
if ($othercontrol{$server}) {	if ($othercontrol{$server}) {
$dom_in_effect = $othercontrol{$server};	$dom_in_effect = $othercontrol{$server};
my $current;	my ($current,$forsaml);
if (ref($aliases{$dom_in_effect}) eq 'HASH') {	if (ref($aliases{$dom_in_effect}) eq 'HASH') {
$current = $aliases{$dom_in_effect}{$server};	$current = $aliases{$dom_in_effect}{$server};
}	}
	if (ref($saml{$dom_in_effect}) eq 'HASH') {
	if ($saml{$dom_in_effect}{$server}) {
	$forsaml = 1;
	}
	}
$aliasrows .= '<td class="LC_left_item" style="vertical-align: baseline;">'.	$aliasrows .= '<td class="LC_left_item" style="vertical-align: baseline;">'.
&mt('Alias').':&nbsp';	&mt('Alias').':&nbsp';
if ($current) {	if ($current) {
$aliasrows .= $current;	$aliasrows .= $current;
	if ($forsaml) {
	$aliasrows .= ' ('.&mt('also for Shibboleth').')';
	}
} else {	} else {
$aliasrows .= &mt('None');	$aliasrows .= &mt('None');
}	}
Line 7596 sub print_wafproxy {	Line 7610 sub print_wafproxy {
'<b>'.$dom_in_effect.'</b>').')</span></td>';	'<b>'.$dom_in_effect.'</b>').')</span></td>';
} else {	} else {
$dom_in_effect = $dom;	$dom_in_effect = $dom;
my $current;	my ($current,$samlon,$samloff);
	$samloff = ' checked="checked"';
if (ref($aliases{$dom}) eq 'HASH') {	if (ref($aliases{$dom}) eq 'HASH') {
if ($aliases{$dom}{$server}) {	if ($aliases{$dom}{$server}) {
$current = $aliases{$dom}{$server};	$current = $aliases{$dom}{$server};
}	}
}	}
	if (ref($saml{$dom}) eq 'HASH') {
	if ($saml{$dom}{$server}) {
	$samlon = $samloff;
	undef($samloff);
	}
	}
$aliasrows .= '<td class="LC_left_item" style="vertical-align: baseline;">'.	$aliasrows .= '<td class="LC_left_item" style="vertical-align: baseline;">'.
&mt('Alias').': '.	&mt('Alias').': '.
'<input type="text" name="wafproxy_alias_'.$server.'" '.	'<input type="text" name="wafproxy_alias_'.$server.'" '.
'value="'.$current.'" size="30" /></td>';	'value="'.$current.'" size="30" />'.
	(' 'x2).'<span class="LC_nobreak">'.
	&mt('Alias used for Shibboleth').': <label>'.
	'<input type="radio" value="0"'.$samloff.' name="wafproxy_alias_saml_'.$server.'" />'.
	&mt('No').'</label> <label>'.
	'<input type="radio" value="1"'.$samlon.' name="wafproxy_alias_saml_'.$server.'" />'.
	&mt('Yes').'</label></span>'.
	'</td>';
}	}
$aliasrows .= '</tr>';	$aliasrows .= '</tr>';
$aliasinfo{$dom_in_effect} .= $aliasrows;	$aliasinfo{$dom_in_effect} .= $aliasrows;
Line 20236 sub modify_selfenrollment {	Line 20264 sub modify_selfenrollment {
sub modify_wafproxy {	sub modify_wafproxy {
my ($dom,$action,$lastactref,%domconfig) = @_;	my ($dom,$action,$lastactref,%domconfig) = @_;
my %servers = &Apache::lonnet::internet_dom_servers($dom);	my %servers = &Apache::lonnet::internet_dom_servers($dom);
my (%othercontrol,%canset,%values,%curralias,%currvalue,@warnings,%wafproxy,	my (%othercontrol,%canset,%values,%curralias,%currsaml,%currvalue,@warnings,
%changes,%expirecache);	%wafproxy,%changes,%expirecache,%expiresaml);
foreach my $server (sort(keys(%servers))) {	foreach my $server (sort(keys(%servers))) {
my $serverhome = &Apache::lonnet::get_server_homeID($servers{$server});	my $serverhome = &Apache::lonnet::get_server_homeID($servers{$server});
if ($serverhome eq $server) {	if ($serverhome eq $server) {
Line 20252 sub modify_wafproxy {	Line 20280 sub modify_wafproxy {
if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') {	if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') {
%curralias = %{$domconfig{'wafproxy'}{'alias'}};	%curralias = %{$domconfig{'wafproxy'}{'alias'}};
}	}
	if (ref($domconfig{'wafproxy'}{'saml'}) eq 'HASH') {
	%currsaml = %{$domconfig{'wafproxy'}{'saml'}};
	}
foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') {	foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') {
$currvalue{$item} = $domconfig{'wafproxy'}{$item};	$currvalue{$item} = $domconfig{'wafproxy'}{$item};
}	}
Line 20259 sub modify_wafproxy {	Line 20290 sub modify_wafproxy {
my $output;	my $output;
if (keys(%canset)) {	if (keys(%canset)) {
%{$wafproxy{'alias'}} = ();	%{$wafproxy{'alias'}} = ();
	%{$wafproxy{'saml'}} = ();
foreach my $key (sort(keys(%canset))) {	foreach my $key (sort(keys(%canset))) {
if ($env{'form.wafproxy_'.$dom}) {	if ($env{'form.wafproxy_'.$dom}) {
$wafproxy{'alias'}{$key} = $env{'form.wafproxy_alias_'.$key};	$wafproxy{'alias'}{$key} = $env{'form.wafproxy_alias_'.$key};
Line 20266 sub modify_wafproxy {	Line 20298 sub modify_wafproxy {
if ($wafproxy{'alias'}{$key} ne $curralias{$key}) {	if ($wafproxy{'alias'}{$key} ne $curralias{$key}) {
$changes{'alias'} = 1;	$changes{'alias'} = 1;
}	}
	if ($env{'form.wafproxy_alias_saml_'.$key}) {
	$wafproxy{'saml'}{$key} = 1;
	}
	if ($wafproxy{'saml'}{$key} ne $currsaml{$key}) {
	$changes{'saml'} = 1;
	}
} else {	} else {
$wafproxy{'alias'}{$key} = '';	$wafproxy{'alias'}{$key} = '';
	$wafproxy{'saml'}{$key} = '';
if ($curralias{$key}) {	if ($curralias{$key}) {
$changes{'alias'} = 1;	$changes{'alias'} = 1;
}	}
	if ($currsaml{$key}) {
	$changes{'saml'} = 1;
	}
}	}
if ($wafproxy{'alias'}{$key} eq '') {	if ($wafproxy{'alias'}{$key} eq '') {
if ($curralias{$key}) {	if ($curralias{$key}) {
Line 20278 sub modify_wafproxy {	Line 20320 sub modify_wafproxy {
}	}
delete($wafproxy{'alias'}{$key});	delete($wafproxy{'alias'}{$key});
}	}
	if ($wafproxy{'saml'}{$key} eq '') {
	if ($currsaml{$key}) {
	$expiresaml{$key} = 1;
	}
	delete($wafproxy{'saml'}{$key});
	}
}	}
unless (keys(%{$wafproxy{'alias'}})) {	unless (keys(%{$wafproxy{'alias'}})) {
delete($wafproxy{'alias'});	delete($wafproxy{'alias'});
}	}
# Localization for values in %warn occus in &mt() calls separately.	unless (keys(%{$wafproxy{'saml'}})) {
	delete($wafproxy{'saml'});
	}
	# Localization for values in %warn occurs in &mt() calls separately.
my %warn = (	my %warn = (
trusted => 'trusted IP range(s)',	trusted => 'trusted IP range(s)',
vpnint => 'internal IP range(s) for VPN sessions(s)',	vpnint => 'internal IP range(s) for VPN sessions(s)',
Line 20350 sub modify_wafproxy {	Line 20401 sub modify_wafproxy {
} else {	} else {
if (keys(%curralias)) {	if (keys(%curralias)) {
$changes{'alias'} = 1;	$changes{'alias'} = 1;
	}
	if (keys(%currsaml)) {
	$changes{'saml'} = 1;
}	}
if (keys(%currvalue)) {	if (keys(%currvalue)) {
foreach my $key (keys(%currvalue)) {	foreach my $key (keys(%currvalue)) {
Line 20402 sub modify_wafproxy {	Line 20456 sub modify_wafproxy {
$lastactref->{'proxyalias'} = \%updates;	$lastactref->{'proxyalias'} = \%updates;
}	}
}	}
	if ((exists($wafproxy{'saml'})) \|\| (keys(%expiresaml))) {
	my %samlupdates = %expiresaml;
	foreach my $key (keys(%expiresaml)) {
	&Apache::lonnet::devalidate_cache_new('proxysaml',$key);
	}
	if (ref($wafproxy{'saml'}) eq 'HASH') {
	my $cachetime = 246060;
	foreach my $key (keys(%{$wafproxy{'saml'}})) {
	$samlupdates{$key} = 1;
	&Apache::lonnet::do_cache_new('proxysaml',$key,$wafproxy{'saml'}{$key},
	$cachetime);
	}
	}
	if (ref($lastactref) eq 'HASH') {
	$lastactref->{'proxysaml'} = \%samlupdates;
	}
	}
$output = &mt('Changes were made to Web Application Firewall/Reverse Proxy').'<ul>';	$output = &mt('Changes were made to Web Application Firewall/Reverse Proxy').'<ul>';
foreach my $item ('alias','remoteip','ipheader','trusted','vpnint','vpnext','sslopt') {	foreach my $item ('alias','remoteip','ipheader','trusted','vpnint','vpnext','sslopt') {
if ($changes{$item}) {	if ($changes{$item}) {
Line 20425 sub modify_wafproxy {	Line 20496 sub modify_wafproxy {
unless ($numaliased) {	unless ($numaliased) {
$output .= '<li>'.&mt('Aliases deleted for hostnames').'</li>';	$output .= '<li>'.&mt('Aliases deleted for hostnames').'</li>';
}	}
	} elsif ($item eq 'saml') {
	my $shown;
	if (ref($wafproxy{'saml'}) eq 'HASH') {
	if (keys(%{$wafproxy{'saml'}})) {
	$shown = join(', ',sort(keys(%{$wafproxy{'saml'}})));
	}
	}
	if ($shown) {
	$output .= '<li>'.&mt('Alias used by Shibboleth for: [_1]',
	$shown).'</li>';
	} else {
	$output .= '<li>'.&mt('No alias used for Shibboleth').'</li>';
	}
} else {	} else {
if ($item eq 'remoteip') {	if ($item eq 'remoteip') {
my %ip_methods = &remoteip_methods();	my %ip_methods = &remoteip_methods();
Line 22218 sub devalidate_remote_domconfs {	Line 22302 sub devalidate_remote_domconfs {
my %thismachine;	my %thismachine;
map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids();	map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids();
my @posscached = ('domainconfig','domdefaults','ltitools','usersessions',	my @posscached = ('domainconfig','domdefaults','ltitools','usersessions',
'directorysrch','passwdconf','cats','proxyalias');	'directorysrch','passwdconf','cats','proxyalias','proxysaml');
my %cache_by_lonhost;	my %cache_by_lonhost;
if (exists($cachekeys->{'samllanding'})) {	if (exists($cachekeys->{'samllanding'})) {
if (ref($cachekeys->{'samllanding'}) eq 'HASH') {	if (ref($cachekeys->{'samllanding'}) eq 'HASH') {
Line 22244 sub devalidate_remote_domconfs {	Line 22328 sub devalidate_remote_domconfs {
my @cached;	my @cached;
foreach my $name (@posscached) {	foreach my $name (@posscached) {
if ($cachekeys->{$name}) {	if ($cachekeys->{$name}) {
if ($name eq 'proxyalias') {	if (($name eq 'proxyalias') \|\| ($name eq 'proxysaml')) {
if (ref($cachekeys->{$name}) eq 'HASH') {	if (ref($cachekeys->{$name}) eq 'HASH') {
foreach my $key (keys(%{$cachekeys->{$name}})) {	foreach my $key (keys(%{$cachekeys->{$name}})) {
push(@cached,&escape($name).':'.&escape($key));	push(@cached,&escape($name).':'.&escape($key));

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.387
changed lines
	Added in v.1.388