[LON-CAPA-cvs] cvs: loncom / loncron /auth lontokacc.pm /lonnet/perl lonnet.pm
www
lon-capa-cvs@mail.lon-capa.org
Sat, 27 Jul 2002 19:06:41 -0000
www Sat Jul 27 15:06:41 2002 EDT
Modified files:
/loncom loncron
/loncom/auth lontokacc.pm
/loncom/lonnet/perl lonnet.pm
Log:
Toward bug 481.
To use token-based access, use for example
'<img src="'.&Apache::lonnet::tokenwrapper($fulluri).'" />'
Index: loncom/loncron
diff -u loncom/loncron:1.31 loncom/loncron:1.32
--- loncom/loncron:1.31 Thu Jul 25 14:24:27 2002
+++ loncom/loncron Sat Jul 27 15:06:41 2002
@@ -264,7 +264,7 @@
$cleaned++;
unlink("$fname");
} else {
- if ($since>100*$perlvar{'lonExpire'}) {
+ if ($since>365*$perlvar{'lonExpire'}) {
$cleaned++;
unlink("$fname");
} else { $old++; }
Index: loncom/auth/lontokacc.pm
diff -u loncom/auth/lontokacc.pm:1.1 loncom/auth/lontokacc.pm:1.2
--- loncom/auth/lontokacc.pm:1.1 Sat Jul 27 14:48:19 2002
+++ loncom/auth/lontokacc.pm Sat Jul 27 15:06:41 2002
@@ -2,7 +2,7 @@
# Low security Access Handler for Token-based access
# (clearance given by other loncapa host)
#
-# $Id: lontokacc.pm,v 1.1 2002/07/27 18:48:19 www Exp $
+# $Id: lontokacc.pm,v 1.2 2002/07/27 19:06:41 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -30,23 +30,25 @@
package Apache::lontokacc;
use strict;
-use Apache::Constants qw(:common :remotehost);
+use Apache::Constants qw(:common);
use Apache::lonnet();
use Apache::loncommon();
sub handler {
my $r = shift;
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
- ['token','server']);
+ ['token','server']);
+ my $tmpinfo='no_token';
if (($ENV{'form.token'}) || ($ENV{'form.server'})) {
- my $tmpinfo=Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
- $ENV{'form.server'});
-
+ $tmpinfo=&Apache::lonnet::unescape(
+ &Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
+ $ENV{'form.server'}));
if ($tmpinfo eq $r->uri) {
return OK;
}
}
- $r->log_reason("Invalid token-based access",$r->filename);
+ $r->log_reason("Invalid token-based access ".$r->uri.' '.$tmpinfo,
+ $r->filename);
return FORBIDDEN;
}
Index: loncom/lonnet/perl/lonnet.pm
diff -u loncom/lonnet/perl/lonnet.pm:1.253 loncom/lonnet/perl/lonnet.pm:1.254
--- loncom/lonnet/perl/lonnet.pm:1.253 Wed Jul 17 15:18:47 2002
+++ loncom/lonnet/perl/lonnet.pm Sat Jul 27 15:06:41 2002
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.253 2002/07/17 19:18:47 stredwic Exp $
+# $Id: lonnet.pm,v 1.254 2002/07/27 19:06:41 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -707,6 +707,16 @@
return $response->content;
}
+
+# ------- Add a token to a remote URI's query string to vouch for access rights
+
+sub tokenwrapper {
+ my $uri=shift;
+ my $token=&reply('tmpput:'.&escape($uri),$perlvar{'lonHostID'});
+ return $uri.(($uri=~/\?/)?'&':'?').
+ 'token='.$token.'&server='.$perlvar{'lonHostID'};
+}
+
# ------------------------------------------------------------------------- Log