--- loncom/auth/lonwebdavauth.pm 2012/06/01 11:39:29 1.2 +++ loncom/auth/lonwebdavauth.pm 2015/05/29 20:00:49 1.4 @@ -1,7 +1,7 @@ # The LearningOnline Network # Authentication Handler for webDAV access to Authoring Space. # -# $Id: lonwebdavauth.pm,v 1.2 2012/06/01 11:39:29 raeburn Exp $ +# $Id: lonwebdavauth.pm,v 1.4 2015/05/29 20:00:49 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -32,7 +32,7 @@ Apache::lonwebdavauth - webDAV Authentic =head1 SYNOPSIS -Invoked for /+webdav/[\w\-]+/[\w\-]+/ by +Invoked for ^/+webdav/[\w\-.]+/\w[\w.\-\@]+/ by /etc/httpd/conf/loncapa_apache.conf: PerlAuthenHandler Apache::lonwebdavauth @@ -57,11 +57,10 @@ The perlvar "lonDAVsessDir" in /etc/http provides the directory location: /home/httpd/webdav/sessionIDs. If the session is stale, or the cookie is missing or invalid, -the user is re-challenged for login information. If the perlvar -lonOtherAuthen has been set, Single Sign On will be used, otherwise -an Apache Basic Auth request will be sent to the client. +the user is re-challenged for login information, by sending +an Apache Basic Auth request to the client. -If Apache Basic Auth is used, successful authentication will +If Apache Basic Auth is successful authentication will result in creation of a webDAV session file containing a minimal set of information about the user which will also be loaded into the user's environment. The environment persists @@ -87,13 +86,8 @@ Check for valid webDAV session =item * -No session? - if SSO enabled: return DECLINED - -=item * - -No session? - if SSO not enabled: return AUTH_REQUIRED -which will prompt webDAV client to authenticate user -(via Apache Basic Auth). +No session? return AUTH_REQUIRED which will prompt +webDAV client to authenticate user (via Apache Basic Auth). =item * @@ -179,13 +173,6 @@ sub handler { } } - if ($r->dir_config('lonOtherAuthen') eq 'yes') { - if (defined($r->dir_config('lonOtherAuthenType'))) { - $r->auth_type($r->dir_config('lonOtherAuthenType')); - } - return DECLINED; - } - my ($status,$upass) = $r->get_basic_auth_pw; return $status unless ($status == 0 || $status == OK); @@ -198,7 +185,7 @@ sub handler { } else { $uname = $r->user; ($udom) = ($r->uri =~ m{^/webdav/($match_domain)/}); - unless (($udom ne '' ) && ($uname =~ /^$match_username$/)) { + unless (($udom ne '' ) && ($uname =~ /^$match_username$/) && ($upass ne '')) { $r->note_basic_auth_failure; return AUTH_REQUIRED; } @@ -208,8 +195,9 @@ sub handler { my $uhome = &Apache::lonnet::authenticate($uname,$upass,$udom); if (($uhome ne 'no_host') && (&Apache::lonnet::hostname($uhome) ne '')) { - $handle = &init_webdav_env($sessiondir,$uname,$udom, - $uhome,$now,$timetolive); + my ($author) = ($r->uri =~ m{^/webdav/($match_domain/$match_username)/}); + $handle = &init_webdav_env($r,$sessiondir,$uname,$udom, + $uhome,$now,$timetolive,$author); if ($handle ne '') { if (&Apache::lonnet::usertools_access($uname,$udom,'webdav')) { my $cookie = "lonDAV=$handle; path=/webdav/; secure; HttpOnly;"; @@ -228,7 +216,7 @@ sub handler { } sub init_webdav_env { - my ($sessiondir,$uname,$udom,$uhome,$now,$timetolive) = @_; + my ($r,$sessiondir,$uname,$udom,$uhome,$now,$timetolive,$author) = @_; my $handle; my $currnewest = 0; if ($sessiondir ne '') { @@ -297,6 +285,13 @@ sub init_webdav_env { \%userenv,\%domdef,\%is_adv); @env{keys(%disk_env)} = @disk_env{keys(%disk_env)}; untie(%disk_env); + my $ip; + my $c = $r->connection; + if (ref($c)) { + $ip = $c->remote_ip; + } + &Apache::lonnet::log($udom,$uname,$uhome, + "Login webdav/$author $ip"); } return $handle; }