[LON-CAPA-cvs] cvs: loncom /lti ltiauth.pm

raeburn raeburn at source.lon-capa.org
Tue Jul 12 18:55:46 EDT 2022


raeburn		Tue Jul 12 22:55:46 2022 EDT

  Modified files:              
    /loncom/lti	ltiauth.pm 
  Log:
  - On a balancer node, if LON-CAPA is an LTI Provider or if deep link access
    with LTI mediated link protection is in use, check for balancer cookie
    after credentials in LTI payload validated.
  
  
Index: loncom/lti/ltiauth.pm
diff -u loncom/lti/ltiauth.pm:1.39 loncom/lti/ltiauth.pm:1.40
--- loncom/lti/ltiauth.pm:1.39	Thu Jun 30 21:04:14 2022
+++ loncom/lti/ltiauth.pm	Tue Jul 12 22:55:46 2022
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Basic LTI Authentication Module
 #
-# $Id: ltiauth.pm,v 1.39 2022/06/30 21:04:14 raeburn Exp $
+# $Id: ltiauth.pm,v 1.40 2022/07/12 22:55:46 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -1126,6 +1126,11 @@
     ($is_balancer,$otherserver) =
         &Apache::lonnet::check_loadbalancing($uname,$udom,'login');
     if ($is_balancer) {
+        # Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer)
+        my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r);
+        if (($found_server) && ($balancer_cookie =~ /^\Q$udom\E_\Q$uname\E_/)) {
+            $otherserver = $found_server;
+        }
         if ($otherserver eq '') {
             my $lowest_load;
             ($otherserver,undef,undef,undef,$lowest_load) = &Apache::lonnet::choose_server($udom);




More information about the LON-CAPA-cvs mailing list