--- loncom/auth/lonwebdavauth.pm	2015/05/29 18:42:01	1.3
+++ loncom/auth/lonwebdavauth.pm	2015/05/30 00:11:04	1.5
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Authentication Handler for webDAV access to Authoring Space.
 #
-# $Id: lonwebdavauth.pm,v 1.3 2015/05/29 18:42:01 raeburn Exp $
+# $Id: lonwebdavauth.pm,v 1.5 2015/05/30 00:11:04 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -57,11 +57,10 @@ The perlvar "lonDAVsessDir" in /etc/http
 provides the directory location: /home/httpd/webdav/sessionIDs.
 
 If the session is stale, or the cookie is missing or invalid, 
-the user is re-challenged for login information. If the perlvar
-lonOtherAuthen has been set, Single Sign On will be used, otherwise
-an Apache Basic Auth request will be sent to the client.
+the user is re-challenged for login information, by sending
+an Apache Basic Auth request to the client.
 
-If Apache Basic Auth is used, successful authentication will
+If Apache Basic Auth is successful authentication will
 result in creation of a webDAV session file containing a 
 minimal set of information about the user which will also be 
 loaded into the user's environment.  The environment persists
@@ -87,13 +86,8 @@ Check for valid webDAV session
 
 =item *
 
-No session? - if SSO enabled: return DECLINED
-
-=item *
-
-No session? - if SSO not enabled: return AUTH_REQUIRED
-which will prompt webDAV client to authenticate user 
-(via Apache Basic Auth).
+No session? return AUTH_REQUIRED which will prompt 
+webDAV client to authenticate user (via Apache Basic Auth). 
 
 =item *
 
@@ -179,26 +173,25 @@ sub handler {
         }
     }
 
-    if ($r->dir_config('lonOtherAuthen') eq 'yes') {
-        if (defined($r->dir_config('lonOtherAuthenType'))) {
-            $r->auth_type($r->dir_config('lonOtherAuthenType'));
-        }
-        return DECLINED;
-    }
-
     my ($status,$upass) = $r->get_basic_auth_pw;
     return $status unless ($status == 0 || $status == OK);
 
     if ($r->user =~ /,/) {
         ($uname,$udom) = split(/,/,$r->user);
+        $uname =~ s/^\s+//;
+        $uname =~ s/\s+$//;
+        $udom =~ s/^\s+//;
+        $udom =~ s/\s+$//;
         unless (($uname =~ /^$match_username$/) && ($udom =~ /^$match_domain$/)) {
             $r->note_basic_auth_failure;
             return AUTH_REQUIRED;
         }
     } else {
         $uname = $r->user;
+        $uname =~ s/^\s+//;
+        $uname =~ s/\s+$//;
         ($udom) = ($r->uri =~ m{^/webdav/($match_domain)/});
-        unless (($udom ne '' ) && ($uname =~ /^$match_username$/)) {
+        unless (($udom ne '' ) && ($uname =~ /^$match_username$/) && ($upass ne '')) {
             $r->note_basic_auth_failure;
             return AUTH_REQUIRED;
         }