version 1.2, 2002/07/27 19:06:41
|
version 1.4, 2002/08/01 22:36:11
|
Line 1
|
Line 1
|
# The LearningOnline Network |
# The LearningOnline Network |
# Low security Access Handler for Token-based access |
# Access Handler for User File Transfers |
# (clearance given by other loncapa host) |
|
# |
# |
# $Id$ |
# $Id$ |
# |
# |
Line 30
|
Line 29
|
package Apache::lontokacc; |
package Apache::lontokacc; |
|
|
use strict; |
use strict; |
use Apache::Constants qw(:common); |
use Apache::Constants qw(:common :remotehost); |
use Apache::lonnet(); |
use Apache::lonnet(); |
use Apache::loncommon(); |
use Apache::File(); |
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, |
my $reqhost; |
['token','server']); |
unless ($reqhost=$r->get_remote_host(REMOTE_DOUBLE_REV)) { |
my $tmpinfo='no_token'; |
$r->log_reason("Spoof request"); |
if (($ENV{'form.token'}) || ($ENV{'form.server'})) { |
return FORBIDDEN; |
$tmpinfo=&Apache::lonnet::unescape( |
|
&Apache::lonnet::reply('tmpget:'.$ENV{'form.token'}, |
|
$ENV{'form.server'})); |
|
if ($tmpinfo eq $r->uri) { |
|
return OK; |
|
} |
|
} |
} |
$r->log_reason("Invalid token-based access ".$r->uri.' '.$tmpinfo, |
my $readline; |
$r->filename); |
my $lontabdir=$r->dir_config('lonTabDir'); |
|
{ |
|
my $fh; |
|
unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) { |
|
$r->log_reason("Could not find host tab file"); |
|
return FORBIDDEN; |
|
} |
|
while ($readline=<$fh>) { |
|
my ($id,$domain,$role,$name,$ip)=split(/:/,$readline); |
|
if ($name =~ /$reqhost/i) { return OK; } |
|
} |
|
|
|
} |
|
$r->log_reason("Invalid request for user file transfer from $reqhost", |
|
$r->filename); |
return FORBIDDEN; |
return FORBIDDEN; |
} |
} |
|
|
Line 56 sub handler {
|
Line 63 sub handler {
|
__END__ |
__END__ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|