Forum LAMS for Tech-Heads - General Forum: Re: Re: Integration - Single sign on questions

Back to LAMS for Tech-Heads - General Forum
	Search:

	3: Re: Re: Integration - Single sign on questions By: Ernie Ghiglione	In response to 2	11/15/05 08:47 PM	[ Reply \| Forward ]
Hi Scott, Thanks for posting this second message, now I think I understand this a bit clearer. Ok, before I get into this directly, here's a bit more overall info on how the Moodle/Sakai/Blackboard/etc integrations work with Moodle. For all the integrated packages, you can see that we have created a module within the LMS that we trying to integrate. So you have a LAMS Module within Sakai, Moodle and Blackboard that we have developed. These modules basically do a few things: 1.- Work as liason between the LMS and LAMS 2.- Call the LAMS webservices to get information about sequences and classes 3.- Provide interface for LAMS Monitor and Authoring 4.- Provide the authentication for LAMS (using a hash generated on-the-fly) 5.- Provide an interface for LAMS to get basic information about users (username, first name and last name) 6.- probably some other things that I can't think of now. The first thing that you do when you want to integration LAMS and Moodle is download the LAMS Moodle Module and add it to your existing (or new) Moodle installation following the instructions. Also, you need to add the an entry to the LAMS database (on the LAMS side) following these instructions. So once these two systems have all the info about each other, then the fun begins. For the sake of simplicity let's use a Moodle-LAMS example. When a Moodle students logs in into Moodle, and wants to access a LAMS sequence, the rendering of the URL to LAMS sequencing is done dynamically. In the URL, LAMS appends a whole lot of information: http://lamsmoodle.melcoe.mq.edu.au/lams//LoginRequest?uid=ernieg&method=learner&ts=November+16%2C2005+12%3A36+pm&sid=elche&hash=92b9e16e510b16b8f9d5d78f7541c38a8eff5656&lsid=1275&course_id=14 The uid is the user_id in Moodle. The method is the module you are about to acces in LAMS (it is different depending of Monitor, Authoring, etc) The ts is a date The sid is the server_key (see the LAMS and Moodle installation instructions). The hash is what LAMS uses for authenticating the user and verifying that he/she is coming from the right place. (this is the single sign-on mechanism we use The course_id is the Moodle course_id When LAMS gets all these parameters, it first checks that the hash is correct. The hash is created adding a bunch of parameters and using the secret key that both parties (LAMS and Moodle) have. If the hash is not correct, then the user will get kicked out as LAMS will understand that the user is not coming for the Moodle instance but elsewhere. Once the hash is verified, then LAMS does the authentication and basically accepts the user request. But now LAMS has to check whether this user does actually exists on its database. So it quickly searches the uid. If it exists, then let the user go straight to the sequence. If she doesn't, then LAMS queries the LAMS-Moodle module for the basic user info, so it can create a record for her in LAMS. Once it gets the data from Moodle, creates a record and adds the user to the LAMS class (which has a in one-to-one relation to the Moodle course). I hope that clarifies how the LMS integrations work. Ernie Posted by Ernie Ghiglione

	4: Re: Re: Re: Integration - Single sign on questions By: Scott Bradley	In response to 3	11/16/05 04:32 AM	[ Reply \| Forward ]
This looks great Enrie thanks, Apurva and I are still a bit unsure of the hash value and how to create it. -- "The hash is what LAMS uses for authenticating the user and verifying that he/she is coming from the right place. (this is the single sign-on mechanism we use" -- How do we construct the hash? We've tried generating our own and also looking at the Moodle integration code but its not very clear. -- from the moodle/lams code $plaintext = trim($datetime).trim($USER->username).trim ($CONSTANTS->author_method).trim($CFG->lams_serverid).trim($CFG->lams_serverkey); $hash = sha1(strtolower($plaintext)); It appears to be the concatenation of: the datetime, username, author method??(what is this?), the server id and the server key. Then the result is converted to lowercase and the sha hash function performed on it. Most of the values appear to be ok, the one that doesn't make sense is the author_method. Thanks for you quick response, Scott. Posted by Scott Bradley

	5: Re: Re: Re: Re: Integration - Single sign on questions By: Scott Bradley	In response to 4	11/16/05 04:35 AM	[ Reply \| Forward ]
Also, Do we need to apply for the server key and the server id? In the Moodle configuration file it appears like we have to apply for them. Is this correct? $string['serverid'] = 'Enter the server ID received from LAMS international.'; $string['serverkey'] = 'Enter the server key received from LAMS international.'; s. Posted by Scott Bradley

	6: Re: Re: Re: Re: Re: Integration - Single sign on questions By: Jun-Dir Liew	In response to 5	11/16/05 07:06 PM	[ Reply \| Forward ]
That must be a mistake from when the module was being tested, you don't need LI to give you an ID/key - feel free to use whatever suits you. It just needs to match the ID/key stored in LAMS' external server table. Also, the author_method in the hash is referring to whether that particular hash is for author/monitor/learner, in this case author. Maybe someone else could shed some light on why this is. Posted by Jun-Dir Liew

	7: Re: Re: Re: Re: Integration - Single sign on questions By: Ernie Ghiglione	In response to 4	11/17/05 01:32 AM	[ Reply \| Forward ]
> author method??(what is this?) As Jun-Dir mentions, it is actually a string containing "author" "monitor" or "learner" according to the module you are about to access in LAMS. Posted by Ernie Ghiglione

Reply to first post on this page

Back to LAMS for Tech-Heads - General Forum