loncom/auth/lontokacc.pm - view

Return to lontokacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

File: [LON-CAPA] / loncom / auth / lontokacc.pm
Revision 1.3: download - view: text, annotated - select for diffs
Wed Jul 31 15:23:55 2002 UTC (21 years, 10 months ago) by www
Branches: MAIN
CVS tags: HEAD

Token security file upload

    1: # The LearningOnline Network
    2: # Low security Access Handler for Token-based access 
    3: # (clearance given by other loncapa host)
    4: #
    5: # $Id: lontokacc.pm,v 1.3 2002/07/31 15:23:55 www Exp $
    6: #
    7: # Copyright Michigan State University Board of Trustees
    8: #
    9: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
   10: #
   11: # LON-CAPA is free software; you can redistribute it and/or modify
   12: # it under the terms of the GNU General Public License as published by
   13: # the Free Software Foundation; either version 2 of the License, or
   14: # (at your option) any later version.
   15: #
   16: # LON-CAPA is distributed in the hope that it will be useful,
   17: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   18: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   19: # GNU General Public License for more details.
   20: #
   21: # You should have received a copy of the GNU General Public License
   22: # along with LON-CAPA; if not, write to the Free Software
   23: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   24: #
   25: # /home/httpd/html/adm/gpl.txt
   26: #
   27: # http://www.lon-capa.org/
   28: #
   29: 
   30: package Apache::lontokacc;
   31: 
   32: use strict;
   33: use Apache::Constants qw(:common);
   34: use Apache::lonnet();
   35: use Apache::loncommon();
   36: 
   37: sub handler {
   38:     my $r = shift;
   39:     my $query=$r->args;
   40:     &Apache::loncommon::get_unprocessed_cgi($query,['token','server']);
   41:     my $tmpinfo='no_token';
   42:     if (($ENV{'form.token'}) || ($ENV{'form.server'})) {
   43:         $tmpinfo=&Apache::lonnet::unescape(
   44:                    &Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
   45:                                                     $ENV{'form.server'}));
   46:         chomp($tmpinfo);
   47:         my $uri=$r->uri;
   48:         if ($tmpinfo=~/$uri$/) {
   49: 	   return OK;
   50:         }
   51:     }
   52:     $r->log_reason("Invalid token-based access:".$r->uri.' for '.$tmpinfo.'.',
   53:         $r->filename); 
   54:     return FORBIDDEN;
   55: }
   56: 
   57: 1;
   58: __END__
   59: 
   60:

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>