--- loncom/lonnet/perl/lonnet.pm	2018/05/01 14:28:41	1.1376
+++ loncom/lonnet/perl/lonnet.pm	2018/07/04 16:58:29	1.1378
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.1376 2018/05/01 14:28:41 raeburn Exp $
+# $Id: lonnet.pm,v 1.1378 2018/07/04 16:58:29 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -652,31 +652,39 @@ sub transfer_profile_to_env {
 sub check_for_valid_session {
     my ($r,$name,$userhashref,$domref) = @_;
     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my ($linkname,$pubname);
-    if ($name eq '') {
-        $name = 'lonID';
+    my ($lonidsdir,$linkname,$pubname,$secure,$lonid);
+    if ($name eq 'lonDAV') {
+        $lonidsdir=$r->dir_config('lonDAVsessDir');
+    } else {
+        $lonidsdir=$r->dir_config('lonIDsDir');
+        if ($name eq '') {
+            $name = 'lonID';
+        }
+    }
+    if ($name eq 'lonID') {
+        $secure = 'lonSID';
         $linkname = 'lonLinkID';
         $pubname = 'lonPubID';
-    }
-    my $lonid=$cookies{$name};
-    if (!$lonid) {
-        if (($name eq 'lonID') && ($ENV{'SERVER_PORT'} != 443) && ($linkname)) {
+        if (exists($cookies{$secure})) {
+            $lonid=$cookies{$secure};
+        } elsif (exists($cookies{$name})) {
+            $lonid=$cookies{$name};
+        } elsif (exists($cookies{$linkname})) {
             $lonid=$cookies{$linkname};
+        } elsif (exists($cookies{$pubname})) {
+            $lonid=$cookies{$pubname};
         }
-        if (!$lonid) {
-            if (($name eq 'lonID') && ($pubname)) {
-                $lonid=$cookies{$pubname};
-            }
-        }
+    } else {
+        $lonid=$cookies{$name};
     }
     return undef if (!$lonid);
 
     my $handle=&LONCAPA::clean_handle($lonid->value);
-    my $lonidsdir;
-    if ($name eq 'lonDAV') {
-        $lonidsdir=$r->dir_config('lonDAVsessDir');
-    } else {
-        $lonidsdir=$r->dir_config('lonIDsDir');
+    if (-l "$lonidsdir/$handle.id") {
+        my $link = readlink("$lonidsdir/$handle.id");
+        if ((-e $link) && ($link =~ m{^\Q$lonidsdir\E/(.+)\.id$})) {
+            $handle = $1;
+        }
     }
     if (!-e "$lonidsdir/$handle.id") {
         if ((ref($domref)) && ($name eq 'lonID') && 
@@ -9290,7 +9298,7 @@ sub assignrole {
             }
             if ($refused) {
                 my ($cdom,$cnum) = ($cwosec =~ m{^/?($match_domain)/($match_courseid)$});
-                if (!$selfenroll && $context eq 'course') {
+                if (!$selfenroll && (($context eq 'course') || ($context eq 'ltienroll' && $env{'request.lti.login'}))) {
                     my %crsenv;
                     if ($role eq 'cc' || $role eq 'co') {
                         %crsenv = &userenvironment($cdom,$cnum,('internal.courseowner'));
@@ -9313,7 +9321,7 @@ sub assignrole {
                 } elsif (($selfenroll == 1) && ($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'})) {
                     if ($role eq 'st') {
                         $refused = '';
-                    } elsif (($context eq 'ltienroll') && ($env{'request.lti'})) {
+                    } elsif (($context eq 'ltienroll') && ($env{'request.lti.login'})) {
                         $refused = '';
                     }
                 } elsif ($context eq 'requestcourses') {