[LON-CAPA-cvs] cvs: loncom /enrollment Enrollment.pm

raeburn lon-capa-cvs@mail.lon-capa.org
Thu, 18 Mar 2004 16:46:28 -0000 

raeburn		Thu Mar 18 11:46:28 2004 EDT

  Modified files:              
    /loncom/enrollment	Enrollment.pm 
  Log:
  Since $auth and $authparam are passed separately to lonnet::modifystudent(), appending ':'.$authparam to $auth prior to calling this routine results in the separately passed $authparam being discarded in the makeuser process on lond, and also means that the parameter is sent to lond without being escaped. -  append no longer occurs.
  
  Comparsion of authenication for existing user with authentication in classlist data (or default) now provides more verbose output.
  
  
Index: loncom/enrollment/Enrollment.pm
diff -u loncom/enrollment/Enrollment.pm:1.11 loncom/enrollment/Enrollment.pm:1.12
--- loncom/enrollment/Enrollment.pm:1.11	Wed Mar 17 19:24:57 2004
+++ loncom/enrollment/Enrollment.pm	Thu Mar 18 11:46:28 2004
@@ -1,5 +1,5 @@
 # Automated Enrollment manager
-# $Id: Enrollment.pm,v 1.11 2004/03/18 00:24:57 raeburn Exp $
+# $Id: Enrollment.pm,v 1.12 2004/03/18 16:46:28 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -242,9 +242,6 @@
                     if ( ($authparam eq '')  || (!defined($authparam)) )  {
                         $authparam = $autharg;
                     }
-                    if ($auth =~ m/^krb/) {
-                        $auth .= ':'.$authparam;
-                    }
                     if ( ($end eq '') || (!defined($end)) )  {
                          $end = $enddate;
                     }
@@ -342,18 +339,22 @@
                         }                            
                         my $krbdefdom = '';
                         my $currentauth=&Apache::lonnet::queryauthenticate($uname,$dom);
-                        if ($currentauth=~/^krb(4|5):/) {
-                            $currentauth=~/^krb(4|5):(.*)/;
-                            $krbdefdom=$1;
+                        if ($currentauth=~/^(krb[45]):(.*)/) {
+                            $currentauth = $1;
+                            $krbdefdom = $2;
                         } elsif ($currentauth=~ /^(unix|internal|localauth):/) {
                             $currentauth = $1;
                         } else {
                             $$logmsg .= "Invalid authentication method $currentauth for $uname.".$linefeed;  
                         }
 # Report if authentication methods are different.
-                        if ($currentauth ne $auth ) {
-                            $$logmsg .= "Authentication mismatch for $uname - $currentauth in system, $auth based on information in classlist or default for this course.".$linefeed;
-                        }
+                        if ($currentauth ne $auth) {
+                            $$logmsg .= "Authentication type mismatch for $uname - '$currentauth' in system, '$auth' based on information in classlist or default for this course.".$linefeed;
+                        } elsif ($auth =~ m/^krb/) {
+                            if ($krbdefdom ne $authparam) {
+                                $$logmsg .= "Kerberos domain mismatch for $uname - '$krbdefdom' in system, '$authparam' based on information in classlist or default for this course.".$linefeed;
+                            }
+
 # Check user data
                         if ($first  ne $userenv{'firstname'}  ||
                             $middle ne $userenv{'middlename'} ||