[system] / branches / rel-2-4-patches / webwork-modperl / lib / Apache / AuthenWeBWorK.pm Repository:
ViewVC logotype

View of /branches/rel-2-4-patches/webwork-modperl/lib/Apache/AuthenWeBWorK.pm

Parent Directory Parent Directory | Revision Log Revision Log

Revision 5734 - (download) (as text) (annotate)
Tue Jun 24 00:44:59 2008 UTC (4 years, 10 months ago)
File size: 4532 byte(s) 
This commit was manufactured by cvs2svn to create branch 'rel-2-4-patches'.
    1 ################################################################################
    2 # WeBWorK Online Homework Delivery System
    3 # Copyright © 2000-2007 The WeBWorK Project, http://openwebwork.sf.net/
    4 # $CVSHeader: webwork2/lib/Apache/AuthenWeBWorK.pm,v 1.2 2006/06/28 16:19:57 sh002i Exp $
    5 #
    6 # This program is free software; you can redistribute it and/or modify it under
    7 # the terms of either: (a) the GNU General Public License as published by the
    8 # Free Software Foundation; either version 2, or (at your option) any later
    9 # version, or (b) the "Artistic License" which comes with this package.
   10 #
   11 # This program is distributed in the hope that it will be useful, but WITHOUT
   12 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
   13 # FOR A PARTICULAR PURPOSE.  See either the GNU General Public License or the
   14 # Artistic License for more details.
   15 ################################################################################
   16 
   17 package Apache::AuthenWeBWorK;
   18 
   19 =head1 NAME
   20 
   21 Apache::AuthenWeBWorK - Authenticate against WeBWorK::Authen framework.
   22 
   23 =head1 CONFIGURATION
   24 
   25  PerlSetVar authen_webwork_root /path/to/webwork2
   26  PerlSetVar authen_webwork_course "some-course-id"
   27  PerlSetVar authen_webwork_module "WeBWorK::Authen::something"
   28 
   29 =cut
   30 
   31 use strict;
   32 use warnings;
   33 use Apache::Constants qw(:common);
   34 
   35 use WeBWorK::Debug;
   36 use WeBWorK::Request;
   37 use WeBWorK::ContentGenerator;
   38 use WeBWorK::DB;
   39 use WeBWorK::Authz;
   40 use WeBWorK::Utils qw/runtime_use/;
   41 
   42 ################################################################################
   43 
   44 =head1 APACHE AUTHEN HANDLER
   45 
   46 =over
   47 
   48 =item handler($r)
   49 
   50 =cut
   51 
   52 sub handler($) {
   53   my ($apache) = @_;
   54   my $r = new WeBWorK::Request($apache);
   55 
   56   my ($res, $sent_pw) = $r->get_basic_auth_pw;
   57   return $res unless $res == OK;
   58 
   59   my $webwork_root = $r->dir_config('authen_webwork_root');
   60   my $webwork_course = $r->dir_config('authen_webwork_course');
   61 
   62   return fail($r, "authen_webwork_root not set")
   63     unless defined $webwork_root and $webwork_root ne "";
   64   return fail($r, "authen_webwork_course not set")
   65     unless defined $webwork_course and $webwork_course ne "";
   66 
   67   # FIXME most of this build-up code is yoinked from lib/WeBWorK.pm
   68   # needs to be factored out somehow
   69   # (for example, the authen module selection code probably belongs in a factory)
   70 
   71   my $ce = eval { new WeBWorK::CourseEnvironment({
   72     webwork_dir => $webwork_root,
   73     courseName => $webwork_course,
   74   }) };
   75   $@ and return fail($r, "failed to initialize the course environment: $@");
   76   $r->ce($ce);
   77 
   78   my $authz = new WeBWorK::Authz($r);
   79   $r->authz($authz);
   80 
   81   # figure out which authentication module to use
   82   my $user_authen_module;
   83   my $proctor_authen_module;
   84   if (ref $ce->{authen}{user_module} eq "HASH") {
   85     if (exists $ce->{authen}{user_module}{$ce->{dbLayoutName}}) {
   86       $user_authen_module = $ce->{authen}{user_module}{$ce->{dbLayoutName}};
   87     } else {
   88       $user_authen_module = $ce->{authen}{user_module}{"*"};
   89     }
   90   } else {
   91     $user_authen_module = $ce->{authen}{user_module};
   92   }
   93 
   94   runtime_use $user_authen_module;
   95   my $authen = $user_authen_module->new($r);
   96   $r->authen($authen);
   97 
   98   my $db = new WeBWorK::DB($ce->{dbLayout});
   99   $r->db($db);
  100 
  101   # now, here's the problem... WeBWorK::Authen looks at $r->params directly, whereas we
  102   # need to look at $user and $sent_pw. this is a perfect opportunity for a mixin, i think.
  103   my $authenOK;
  104   {
  105     no warnings 'redefine';
  106     local *WeBWorK::Authen::get_credentials   = \&Authen::WeBWorK::HTTPBasic::get_credentials;
  107     local *WeBWorK::Authen::maybe_send_cookie = \&Authen::WeBWorK::HTTPBasic::noop;
  108     local *WeBWorK::Authen::maybe_kill_cookie = \&Authen::WeBWorK::HTTPBasic::noop;
  109     local *WeBWorK::Authen::set_params        = \&Authen::WeBWorK::HTTPBasic::noop;
  110 
  111     $authenOK = $authen->verify;
  112   }
  113 
  114 
  115   debug("verify said: '$authenOK'");
  116 
  117   if ($authenOK) {
  118     debug("this will work!!!");
  119     return OK;
  120   } else {
  121     return AUTH_REQUIRED;
  122   }
  123 }
  124 
  125 sub fail {
  126   my ($r, $msg) = @_;
  127     $r->note_basic_auth_failure;
  128     $r->log_reason($msg, $r->filename);
  129     return AUTH_REQUIRED;
  130 }
  131 
  132 =back
  133 
  134 =cut
  135 
  136 package Authen::WeBWorK::HTTPBasic;
  137 
  138 use strict;
  139 use warnings;
  140 use Apache::Constants qw(:common);
  141 use WeBWorK::Debug;
  142 
  143 sub get_credentials {
  144   my ($self) = @_;
  145   my $r = $self->{r};
  146 
  147   my ($res, $sent_pw) = $r->get_basic_auth_pw;
  148   return unless $res == OK;
  149   my $user_id = $r->connection->user;
  150 
  151   if (defined $r->connection->user) {
  152     $self->{user_id} = $r->connection->user;
  153     $self->{password} = $sent_pw;
  154     $self->{credential_source} = "http_basic";
  155     return 1;
  156   }
  157 }
  158 
  159 sub noop {}
  160 
  161 1;
aubreyja at gmail dot com
 ViewVC Help
Powered by ViewVC 1.0.9