1: # The LearningOnline Network
2: # Low security Access Handler for Token-based access
3: # (clearance given by other loncapa host)
4: #
5: # $Id: lontokacc.pm,v 1.3 2002/07/31 15:23:55 www Exp $
6: #
7: # Copyright Michigan State University Board of Trustees
8: #
9: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
10: #
11: # LON-CAPA is free software; you can redistribute it and/or modify
12: # it under the terms of the GNU General Public License as published by
13: # the Free Software Foundation; either version 2 of the License, or
14: # (at your option) any later version.
15: #
16: # LON-CAPA is distributed in the hope that it will be useful,
17: # but WITHOUT ANY WARRANTY; without even the implied warranty of
18: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19: # GNU General Public License for more details.
20: #
21: # You should have received a copy of the GNU General Public License
22: # along with LON-CAPA; if not, write to the Free Software
23: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24: #
25: # /home/httpd/html/adm/gpl.txt
26: #
27: # http://www.lon-capa.org/
28: #
29:
30: package Apache::lontokacc;
31:
32: use strict;
33: use Apache::Constants qw(:common);
34: use Apache::lonnet();
35: use Apache::loncommon();
36:
37: sub handler {
38: my $r = shift;
39: my $query=$r->args;
40: &Apache::loncommon::get_unprocessed_cgi($query,['token','server']);
41: my $tmpinfo='no_token';
42: if (($ENV{'form.token'}) || ($ENV{'form.server'})) {
43: $tmpinfo=&Apache::lonnet::unescape(
44: &Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
45: $ENV{'form.server'}));
46: chomp($tmpinfo);
47: my $uri=$r->uri;
48: if ($tmpinfo=~/$uri$/) {
49: return OK;
50: }
51: }
52: $r->log_reason("Invalid token-based access:".$r->uri.' for '.$tmpinfo.'.',
53: $r->filename);
54: return FORBIDDEN;
55: }
56:
57: 1;
58: __END__
59:
60:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>