File:
[LON-CAPA] /
loncom /
auth /
lonuploadedacc.pm
Revision
1.12:
download - view:
text,
annotated -
select for diffs
Thu Apr 7 06:56:21 2005 UTC (19 years, 5 months ago) by
albertel
Branches:
MAIN
CVS tags:
version_2_1_X,
version_2_1_99_0,
version_2_1_3,
version_2_1_2,
version_2_1_1,
version_2_1_0,
version_2_0_X,
version_2_0_99_1,
version_2_0_2,
version_2_0_1,
version_2_0_0,
version_1_99_3,
version_1_99_2,
version_1_99_1_tmcc,
version_1_99_1,
version_1_99_0_tmcc,
version_1_99_0,
HEAD
- ENV -> env
# The LearningOnline Network
# Access Handler for User Files
#
# $Id: lonuploadedacc.pm,v 1.12 2005/04/07 06:56:21 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#
package Apache::lonuploadedacc;
#
# The way this is supposed to work:
#
# User A has client machine C
# User A is logged into LON-CAPA server S
# needs file from user B
# homeserver for user B is H
#
# This handler runs on H
# To access a userfile:
# Server S generates a token and puts it into the query string of URL for H
# Client box C asks H for file with token issued by C
# H now must ask S if token is valid, uses S's lond-command tokenauthuserfile
use strict;
use Apache::Constants qw(:common :http);
use Apache::lonnet;
sub handler {
my $r = shift;
my $args=$r->args;
&Apache::loncommon::get_unprocessed_cgi($args,['token','tokenissued']);
my (undef,undef,$udom,$uname,$ufile)=split(/\//,$r->uri,5);
$ufile=~s/^[\~\.]+//;
my $remoteserver=$env{'form.tokenissued'};
my $reply=&Apache::lonnet::reply('tokenauthuserfile:'.
$udom.'/'.$uname.'/'.$ufile.':'.$env{'form.token'},
$remoteserver);
if ($reply eq 'ok') {
return OK;
} elsif ($reply eq 'con_lost' || $reply eq 'no_such_host') {
&Apache::lonnet::logthis("Server unavailable for userfile access $uname at $udom for $ufile with $remoteserver token $env{'form.token'}: $reply");
return HTTP_SERVICE_UNAVAILABLE;
} else {
&Apache::lonnet::logthis("Refused userfile access $uname at $udom for $ufile with $remoteserver token $env{'form.token'}: $reply");
return FORBIDDEN;
}
}
1;
__END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>