--- loncom/auth/lontokacc.pm	2002/07/27 19:06:41	1.2
+++ loncom/auth/lontokacc.pm	2002/07/31 15:23:55	1.3
@@ -2,7 +2,7 @@
 # Low security Access Handler for Token-based access 
 # (clearance given by other loncapa host)
 #
-# $Id: lontokacc.pm,v 1.2 2002/07/27 19:06:41 www Exp $
+# $Id: lontokacc.pm,v 1.3 2002/07/31 15:23:55 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -36,18 +36,20 @@ use Apache::loncommon();
 
 sub handler {
     my $r = shift;
-    &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
-                                            ['token','server']);
+    my $query=$r->args;
+    &Apache::loncommon::get_unprocessed_cgi($query,['token','server']);
     my $tmpinfo='no_token';
     if (($ENV{'form.token'}) || ($ENV{'form.server'})) {
         $tmpinfo=&Apache::lonnet::unescape(
                    &Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
                                                     $ENV{'form.server'}));
-        if ($tmpinfo eq $r->uri) {
+        chomp($tmpinfo);
+        my $uri=$r->uri;
+        if ($tmpinfo=~/$uri$/) {
 	   return OK;
         }
     }
-    $r->log_reason("Invalid token-based access ".$r->uri.' '.$tmpinfo,
+    $r->log_reason("Invalid token-based access:".$r->uri.' for '.$tmpinfo.'.',
         $r->filename); 
     return FORBIDDEN;
 }