[LON-CAPA-cvs] cvs: loncom /auth lonlogin.pm /lonnet/perl lonnet.pm
raeburn
raeburn at source.lon-capa.org
Tue Dec 4 22:29:12 EST 2018
raeburn Wed Dec 5 03:29:12 2018 EDT
Modified files:
/loncom/auth lonlogin.pm
/loncom/lonnet/perl lonnet.pm
Log:
- Avoid repeated redirects back and forth between balancer and target node
in corner case.
- Remove file on balancer with record of node in use when browser lacks
cookie for the active session on (balanced) node, when log-in page on
that node is set to redirect.
- If removal fails, remove the user's session file on the node itself.
-------------- next part --------------
Index: loncom/auth/lonlogin.pm
diff -u loncom/auth/lonlogin.pm:1.175 loncom/auth/lonlogin.pm:1.176
--- loncom/auth/lonlogin.pm:1.175 Sun Dec 2 14:55:59 2018
+++ loncom/auth/lonlogin.pm Wed Dec 5 03:29:05 2018
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Login Screen
#
-# $Id: lonlogin.pm,v 1.175 2018/12/02 14:55:59 raeburn Exp $
+# $Id: lonlogin.pm,v 1.176 2018/12/05 03:29:05 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -37,7 +37,7 @@
use Apache::lonlocal;
use Apache::migrateuser();
use lib '/home/httpd/lib/perl/';
-use LONCAPA;
+use LONCAPA qw(:DEFAULT :match);
use CGI::Cookie();
sub handler {
@@ -47,7 +47,7 @@
(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
$ENV{'REDIRECT_QUERY_STRING'}),
['interface','username','domain','firsturl','localpath','localres',
- 'token','role','symb','iptoken']);
+ 'token','role','symb','iptoken','btoken']);
if (!defined($env{'form.firsturl'})) {
&Apache::lonacc::get_posted_cgi($r,['firsturl']);
}
@@ -64,10 +64,10 @@
# For "public user" - remove any exising "public" cookie, as user really wants to log-in
my ($handle,$lonidsdir,$expirepub,$userdom);
+ $lonidsdir=$r->dir_config('lonIDsDir');
unless ($r->header_only) {
$handle = &Apache::lonnet::check_for_valid_session($r,'lonID',undef,\$userdom);
if ($handle ne '') {
- $lonidsdir=$r->dir_config('lonIDsDir');
if ($handle=~/^publicuser\_/) {
unlink($r->dir_config('lonIDsDir')."/$handle.id");
undef($handle);
@@ -106,6 +106,7 @@
return OK;
}
+ my $lonhost = $r->dir_config('lonHostID');
$env{'form.firsturl'} =~ s/(`)/'/g;
# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer)
@@ -120,6 +121,13 @@
if ($env{'form.firsturl'} ne '') {
$dest = $env{'form.firsturl'};
}
+ my %info = (
+ balcookie => $lonhost.':'.$balancer_cookie,
+ );
+ my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server);
+ if ($balancer_token) {
+ $dest .= (($dest=~/\?/)?'&;':'?') . 'btoken='.$balancer_token;
+ }
my $url = $protocol.'://'.$hostname.$dest;
my $start_page =
&Apache::loncommon::start_page('Switching Server ...',undef,
@@ -131,6 +139,19 @@
}
#
+# Check if a LON-CAPA load balancer sent user here because user's browser sent
+# it a balancer cookie for an active session on this server.
+#
+
+ my $balcookie;
+ if ($env{'form.btoken'}) {
+ my %info = &Apache::lonnet::tmpget($env{'form.btoken'});
+ $balcookie = $info{'balcookie'};
+ &Apache::lonnet::tmpdel($env{'form.btoken'});
+ delete($env{'form.btoken'});
+ }
+
+#
# If browser sent an old cookie for which the session file had been removed
# check if configuration for user's domain has a portal URL set. If so
# switch user's log-in to the portal.
@@ -156,7 +177,7 @@
&Apache::loncommon::end_page();
my $dest = '/adm/roles';
if ($env{'form.firsturl'} ne '') {
- $dest = $env{'form.firsturl'};
+ $dest = $env{'form.firsturl'};
}
$r->print(
$start_page
@@ -194,12 +215,11 @@
my $iconpath=
&Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));
- my $lonhost = $r->dir_config('lonHostID');
my $domain = &Apache::lonnet::default_login_domain();
my $defdom = $domain;
if ($lonhost ne '') {
unless ($sessiondata{'sessionserver'}) {
- my $redirect = &check_loginvia($domain,$lonhost);
+ my $redirect = &check_loginvia($domain,$lonhost,$lonidsdir,$balcookie);
if ($redirect) {
$r->print($redirect);
return OK;
@@ -707,8 +727,8 @@
}
sub check_loginvia {
- my ($domain,$lonhost) = @_;
- if ($domain eq '' || $lonhost eq '') {
+ my ($domain,$lonhost,$lonidsdir,$balcookie) = @_;
+ if ($domain eq '' || $lonhost eq '' || $lonidsdir eq '') {
return;
}
my %domconfhash = &Apache::loncommon::get_domainconf($domain);
@@ -737,6 +757,36 @@
}
if ($newhost ne $lonhost) {
if (&Apache::lonnet::hostname($newhost) ne '') {
+ if ($balcookie) {
+ my ($balancer,$cookie) = split(/:/,$balcookie);
+ if ($cookie =~ /^($match_domain)_($match_username)_([a-f0-9]+)$/) {
+ my ($udom,$uname,$cookieid) = ($1,$2,$3);
+ unless (&Apache::lonnet::delbalcookie($cookie,$balancer) eq 'ok') {
+ if ((-d $lonidsdir) && (opendir(my $dh,$lonidsdir))) {
+ while (my $filename=readdir($dh)) {
+ if ($filename=~/^(\Q$uname\E_\d+_\Q$udom\E_$match_lonid)\.id$/) {
+ my $handle = $1;
+ my %hash =
+ &Apache::lonnet::get_sessionfile_vars($handle,$lonidsdir,
+ ['request.balancercookie',
+ 'user.linkedenv']);
+ if ($hash{'request.balancercookie'} eq "$balancer:$cookieid") {
+ if (unlink("$lonidsdir/$filename")) {
+ if (($hash{'user.linkedenv'} =~ /^[a-f0-9]+_linked$/) &&
+ (-l "$lonidsdir/$hash{'user.linkedenv'}.id") &&
+ (readlink("$lonidsdir/$hash{'user.linkedenv'}.id") eq "$lonidsdir/$filename")) {
+ unlink("$lonidsdir/$hash{'user.linkedenv'}.id");
+ }
+ }
+ }
+ last;
+ }
+ }
+ closedir($dh);
+ }
+ }
+ }
+ }
$output = &redirect_page($newhost,$path);
}
}
Index: loncom/lonnet/perl/lonnet.pm
diff -u loncom/lonnet/perl/lonnet.pm:1.1391 loncom/lonnet/perl/lonnet.pm:1.1392
--- loncom/lonnet/perl/lonnet.pm:1.1391 Wed Nov 28 05:05:36 2018
+++ loncom/lonnet/perl/lonnet.pm Wed Dec 5 03:29:11 2018
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.1391 2018/11/28 05:05:36 raeburn Exp $
+# $Id: lonnet.pm,v 1.1392 2018/12/05 03:29:11 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -747,6 +747,37 @@
}
}
+sub get_sessionfile_vars {
+ my ($handle,$lonidsdir,$storearr) = @_;
+ my %returnhash;
+ unless (ref($storearr) eq 'ARRAY') {
+ return %returnhash;
+ }
+ if (-l "$lonidsdir/$handle.id") {
+ my $link = readlink("$lonidsdir/$handle.id");
+ if ((-e $link) && ($link =~ m{^\Q$lonidsdir\E/(.+)\.id$})) {
+ $handle = $1;
+ }
+ }
+ if ((-e "$lonidsdir/$handle.id") &&
+ ($handle =~ /^($match_username)\_\d+\_($match_domain)\_(.+)$/)) {
+ my ($possuname,$possudom,$possuhome) = ($1,$2,$3);
+ if ((&domain($possudom) ne '') && (&homeserver($possuname,$possudom) eq $possuhome)) {
+ if (open(my $idf,'+<',"$lonidsdir/$handle.id")) {
+ flock($idf,LOCK_SH);
+ if (tie(my %disk_env,'GDBM_File',"$lonidsdir/$handle.id",
+ &GDBM_READER(),0640)) {
+ foreach my $item (@{$storearr}) {
+ $returnhash{$item} = $disk_env{$item};
+ }
+ untie(%disk_env);
+ }
+ }
+ }
+ }
+ return %returnhash;
+}
+
# ---------------------------------------------------------- Append Environment
sub appenv {
More information about the LON-CAPA-cvs
mailing list