[LON-CAPA-cvs] cvs: loncom /auth lonacc.pm lonauth.pm
albertel
lon-capa-cvs@mail.lon-capa.org
Wed, 30 Aug 2006 16:50:24 -0000
albertel Wed Aug 30 12:50:24 2006 EDT
Modified files:
/loncom/auth lonacc.pm lonauth.pm
Log:
- optimizing the login for users (fewer redirects occur) also if the user
is going to be load balanced don't fire the remote up on the initial
server
Index: loncom/auth/lonacc.pm
diff -u loncom/auth/lonacc.pm:1.93 loncom/auth/lonacc.pm:1.94
--- loncom/auth/lonacc.pm:1.93 Tue Aug 29 16:04:41 2006
+++ loncom/auth/lonacc.pm Wed Aug 30 12:50:23 2006
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Cookie Based Access Handler
#
-# $Id: lonacc.pm,v 1.93 2006/08/29 20:04:41 albertel Exp $
+# $Id: lonacc.pm,v 1.94 2006/08/30 16:50:23 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -137,6 +137,53 @@
$r->headers_in->unset('Content-length');
}
+# handle the case of the single sign on user, at this point $r->user
+# will be set and valid now need to find the loncapa user info and possibly
+# balance them
+# returns OK if it was a SSO and user was handled
+# undef if not SSO or no means to hanle the user
+sub sso_login {
+ my ($r,$lonid,$handle) = @_;
+
+ my $lonidsdir=$r->dir_config('lonIDsDir');
+ if (!($r->user
+ && (!defined($env{'user.name'}) && !defined($env{'user.domain'}))
+ && (!$lonid || !-e "$lonidsdir/$handle.id" || $handle eq ''))) {
+ # not an SSO case or already logged in
+ return undef;
+ }
+
+ my $domain = $r->dir_config('lonDefDomain');
+ my $home=&Apache::lonnet::homeserver($r->user,$domain);
+ if ($home !~ /(con_lost|no_host|no_such_host)/) {
+ if ($r->dir_config("lonBalancer") eq 'yes') {
+ # login but immeaditly go to switch server to find us a new
+ # machine
+ &Apache::lonauth::success($r,$r->user,$domain,$home,'noredirect');
+ $r->internal_redirect('/adm/switchserver');
+ } else {
+ # need to login them in, so generate the need data that
+ # migrate expects to do login
+ my %info=('ip' => $r->connection->remote_ip(),
+ 'domain' => $domain,
+ 'username' => $r->user,
+ 'server' => $r->dir_config('lonHostID'),
+ 'sso.login' => 1
+ );
+ my $token =
+ &Apache::lonnet::tmpput(\%info,
+ $r->dir_config('lonHostID'));
+ $env{'form.token'} = $token;
+ $r->internal_redirect('/adm/migrateuser');
+ }
+ return OK;
+ } elsif (defined($r->dir_config('lonSSOUserUnkownRedirect'))) {
+ $r->internal_redirect($r->dir_config('lonSSOUserUnkownRedirect'));
+ return OK;
+ }
+ return undef;
+}
+
sub handler {
my $r = shift;
my $requrl=$r->uri;
@@ -151,32 +198,11 @@
$handle=~s/\W//g;
}
- my ($sso_login);
- if ($r->user
- #&& $r->user ne 'lonadm'
- && (!$lonid || !-e "$lonidsdir/$handle.id" || $handle eq '') ) {
- &Apache::lonnet::logthis("$handle and -e ".(-e "$lonidsdir/$handle.id"));
-
- my $domain = $r->dir_config('lonDefDomain');
- my $home=&Apache::lonnet::homeserver($r->user,$domain);
- if ($home !~ /(con_lost|no_host|no_such_host)/) {
- my %info=('ip' => $r->connection->remote_ip(),
- 'domain' => $domain,
- 'username' => $r->user,
- 'server' => $r->dir_config('lonHostID'),
- 'sso.login' => 1
- );
- my $token = &Apache::lonnet::tmpput(\%info,
- $r->dir_config('lonHostID'));
- $env{'form.token'} = $token;
- $r->internal_redirect('/adm/migrateuser');
- return OK;
- } elsif (defined($r->dir_config('lonSSOUserUnkownRedirect'))) {
- $r->internal_redirect($r->dir_config('lonSSOUserUnkownRedirect'));
- return OK;
- }
+ if (my $result = &sso_login($r,$lonid,$handle)) {
+ return $result
}
+
if ($r->dir_config("lonBalancer") eq 'yes') {
$r->set_handlers('PerlResponseHandler'=>
[\&Apache::switchserver::handler]);
Index: loncom/auth/lonauth.pm
diff -u loncom/auth/lonauth.pm:1.80 loncom/auth/lonauth.pm:1.81
--- loncom/auth/lonauth.pm:1.80 Tue Jun 27 10:09:46 2006
+++ loncom/auth/lonauth.pm Wed Aug 30 12:50:23 2006
@@ -1,7 +1,7 @@
# The LearningOnline Network
# User Authentication Module
#
-# $Id: lonauth.pm,v 1.80 2006/06/27 14:09:46 albertel Exp $
+# $Id: lonauth.pm,v 1.81 2006/08/30 16:50:23 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -170,6 +170,7 @@
}
}
+ $env{'user.environment'} = "$lonids/$cookie.id";
open(my $idf,">$lonids/$cookie.id");
unless (flock($idf,LOCK_EX)) {
&Apache::lonnet::logthis("<font color=blue>WARNING: ".
@@ -178,18 +179,10 @@
return 'error: '.$!;
}
- while (my ($key,$value) = each(%initial_env)) {
- print $idf (&escape($key).'='.&escape($value)."\n");
- }
- while (my ($key,$value) = each(%userenv)) {
- print $idf (&escape('environment.'.$key).'='.&escape($value)."\n");
- }
- while (my ($key,$value) = each(%{$userroles})) {
- print $idf (&escape($key).'='.&escape($value)."\n");
- }
- while (my ($key,$value) = each(%{$extra_env})) {
- print $idf (&escape($key).'='.&escape($value)."\n");
- }
+ &add_to_env($idf,\%initial_env);
+ &add_to_env($idf,\%userenv);
+ &add_to_env($idf,$userroles);
+ &add_to_env($idf,$extra_env);
close($idf);
}
$env{'request.role'}='cm';
@@ -256,6 +249,14 @@
ENDSUCCESS
}
+sub add_to_env {
+ my ($idf,$env_data) = @_;
+ @env{keys(%$env_data)} = @$env_data{keys(%$env_data)};
+ while (my ($key,$value) = each(%$env_data)) {
+ print $idf (&escape($key).'='.&escape($value)."\n");
+ }
+}
+
# --------------------------------------------------------------- Failed login!
sub failed {
@@ -449,7 +450,12 @@
&Apache::lonnet::logthis('Non-privileged user attempting switch user');
}
}
- &success($r,$FORM{'uname'},$FORM{'udom'},$authhost,$firsturl);
+ if ($r->dir_config("lonBalancer") eq 'yes') {
+ &success($r,$FORM{'uname'},$FORM{'udom'},$authhost,'noredirect');
+ $r->internal_redirect('/adm/switchserver');
+ } else {
+ &success($r,$FORM{'uname'},$FORM{'udom'},$authhost,$firsturl);
+ }
return OK;
}