[LON-CAPA-cvs] cvs: loncom /auth migrateuser.pm
raeburn
raeburn at source.lon-capa.org
Mon Oct 6 23:13:34 EDT 2014
raeburn Tue Oct 7 03:13:34 2014 EDT
Modified files:
/loncom/auth migrateuser.pm
Log:
Bug 6675 (IP change detected in session migration).
- log when IP change detected.
- Include user's domain in query string if re-authentication uses /adm/login.
Index: loncom/auth/migrateuser.pm
diff -u loncom/auth/migrateuser.pm:1.23 loncom/auth/migrateuser.pm:1.24
--- loncom/auth/migrateuser.pm:1.23 Mon Oct 6 00:48:44 2014
+++ loncom/auth/migrateuser.pm Tue Oct 7 03:13:34 2014
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Starts a user off based of an existing token.
#
-# $Id: migrateuser.pm,v 1.23 2014/10/06 00:48:44 raeburn Exp $
+# $Id: migrateuser.pm,v 1.24 2014/10/07 03:13:34 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -37,12 +37,15 @@
use Apache::lonlogin();
sub goto_login {
- my ($r) = @_;
+ my ($r,$domain) = @_;
&Apache::loncommon::content_type($r,'text/html');
$r->send_http_header;
+ my $url = '/adm/login';
+ if ($domain) {
+ $url .= '?domain='.$domain;
+ }
$r->print(&Apache::loncommon::start_page('Going to login',undef,
- {'redirect' =>
- [0,'/adm/login'],}).
+ {'redirect' => [0,$url],}).
'<h1>'.&mt('One moment please...').'</h1>'.
'<p>'.&mt('Transferring to login page.').'</p>'.
&Apache::loncommon::end_page());
@@ -173,10 +176,13 @@
$url .= '/adm/roles';
} else {
$url .= '/adm/login';
+ if ($udom) {
+ $url .= '?domain='.$udom;
+ }
$message .= '<br />'.&mt('You will need to provide your password one more time.');
}
my %info= (
- 'domain' => $dataref->{'domain'},
+ 'domain' => $udom,
'username' => $dataref->{'username'},
'role' => $dataref->{'role'},
'sessionserver' => $lonhost,
@@ -189,7 +195,8 @@
}
my $iptoken = &Apache::lonnet::tmpput(\%info,$switchto);
unless ($iptoken eq 'conlost') {
- $url .= '?iptoken='.$iptoken;
+ $url .= ($url =~ /\?/) ? '&' : '?';
+ $url .= 'iptoken='.$iptoken;
}
$r->print(&Apache::loncommon::start_page($title,undef,
{'redirect' =>
@@ -223,12 +230,18 @@
return &goto_login($r);
}
if ($data{'ip'} ne $ENV{'REMOTE_ADDR'}) {
+ &Apache::lonnet::logthis('IP change when session migration requested -- was: '.
+ $data{'ip'}.'; now: '.$ENV{'REMOTE_ADDR'}.' for '.$data{'username'}.':'.$data{'domain'});
return &ip_changed($r,$data{'domain'},$data{'server'},\%data);
}
&Apache::lonnet::logthis("Allowing access for $data{'username'}:$data{'domain'} to $data{'role'}");
my $home=&Apache::lonnet::homeserver($data{'username'},$data{'domain'});
- if ($home =~ /(con_lost|no_such_host)/) { return &goto_login($r); }
+ my $udom;
+ if (&Apache::lonnet::domain($data{'domain'})) {
+ $udom=$data{'domain'};
+ }
+ if ($home =~ /(con_lost|no_such_host)/) { return &goto_login($r,$udom); }
my $extra_env = &sso_check(\%data);
More information about the LON-CAPA-cvs
mailing list