version 1.1, 2002/07/27 18:48:19
|
version 1.4, 2002/08/01 22:36:11
|
Line 1
|
Line 1
|
# The LearningOnline Network |
# The LearningOnline Network |
# Low security Access Handler for Token-based access |
# Access Handler for User File Transfers |
# (clearance given by other loncapa host) |
|
# |
# |
# $Id$ |
# $Id$ |
# |
# |
Line 32 package Apache::lontokacc;
|
Line 31 package Apache::lontokacc;
|
use strict; |
use strict; |
use Apache::Constants qw(:common :remotehost); |
use Apache::Constants qw(:common :remotehost); |
use Apache::lonnet(); |
use Apache::lonnet(); |
use Apache::loncommon(); |
use Apache::File(); |
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, |
my $reqhost; |
['token','server']); |
unless ($reqhost=$r->get_remote_host(REMOTE_DOUBLE_REV)) { |
if (($ENV{'form.token'}) || ($ENV{'form.server'})) { |
$r->log_reason("Spoof request"); |
my $tmpinfo=Apache::lonnet::reply('tmpget:'.$ENV{'form.token'}, |
return FORBIDDEN; |
$ENV{'form.server'}); |
|
|
|
if ($tmpinfo eq $r->uri) { |
|
return OK; |
|
} |
|
} |
} |
$r->log_reason("Invalid token-based access",$r->filename); |
my $readline; |
|
my $lontabdir=$r->dir_config('lonTabDir'); |
|
{ |
|
my $fh; |
|
unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) { |
|
$r->log_reason("Could not find host tab file"); |
|
return FORBIDDEN; |
|
} |
|
while ($readline=<$fh>) { |
|
my ($id,$domain,$role,$name,$ip)=split(/:/,$readline); |
|
if ($name =~ /$reqhost/i) { return OK; } |
|
} |
|
|
|
} |
|
$r->log_reason("Invalid request for user file transfer from $reqhost", |
|
$r->filename); |
return FORBIDDEN; |
return FORBIDDEN; |
} |
} |
|
|
Line 54 sub handler {
|
Line 63 sub handler {
|
__END__ |
__END__ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|