[system] / branches / rel-2-4-dev / webwork-modperl / lib / WeBWorK / Authen Repository:
ViewVC logotype

Log of /branches/rel-2-4-dev/webwork-modperl/lib/WeBWorK/Authen

View Directory Listing Directory Listing

Sticky Revision:
Revision 5318 - Directory Listing
Modified Mon Aug 13 22:53:51 2007 UTC (5 years, 9 months ago) by sh002i 
updated copyright dates
Revision 5243 - Directory Listing
Modified Tue Aug 7 22:35:14 2007 UTC (5 years, 9 months ago) by 
This commit was manufactured by cvs2svn to create branch 'rel-2-4-dev'.
Revision 4923 - Directory Listing
Modified Wed Apr 4 15:06:01 2007 UTC (6 years, 1 month ago) by glarose
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
Add set-level proctor login password for proctored gateway/quiz
assignments, improve handling of proctor keys and permissions for
proctored assignments, bug fixes for recently added features.

This commit
 - adds the ability to specify a set-level proctor for proctored
   gateway/quiz assignments.  this is done by adding a proctor with
   a username "set_id:setName", where "setName" is the name of the
   set, adding a "restricted_login_proctor" field to the set tables
   in the database, and allowing Authen::Proctor and
   ContentGenerator::LoginProctor to appropriately deal with this
   possibility.
 - updates proctor permissions and status in global.conf.dist,
   changing the old "proctor_quiz" permission level (3) into two
   levels, "proctor_quiz_login" and "proctor_quiz_grade".
   wwdb_upgrade includes a stanza to make this change to proctors
   that already exist in courses.
 - adds a "Proctor" status in %statuses in global.conf, with no
   valid behaviors.  this allows the creation of proctor users
   in a course who have the permissionLevel to login (and thus
   proctor), but not to access the course.
 - improves GatewayQuiz explanatory messages when scores or work
   are hidden.
 - improves GatewayQuiz proctor key management, especially for
   tests with more than one allowed attempt.  this includes
   adding a deleteAllProctorKeys() method to DB.pm.
 - updates Instructor Tools, UserList.pm and ProblemSetDetail
   to deal with set-level proctoring.  c.f. the note below about
   the ramifications of these changes.
 - updates ProblemSetList to deal with new problem set fields
   set_locations and set-level proctors that are located in a
   different database table than the set data.
 - fixes bugs in UserList and ProblemSetDetail dealing with the
   setting of hide_score, hide_score_by_problem, and
   time_limit_cap.

This update hides set-level proctor users from the classlist
editor (UserList.pm) and instructor tools (Index.pm) interfaces.
They can be created, modified, and deleted at the homework sets
editor page (ProblemSetDetail.pm) only, and there only implicitly:
we never indicate that a user is being created or modified behind
the screen.
Revision 4905 - Directory Listing
Modified Tue Mar 27 17:06:04 2007 UTC (6 years, 1 month ago) by glarose
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
Fix bug in site_check call.
Revision 4894 - Directory Listing
Modified Thu Mar 22 13:50:07 2007 UTC (6 years, 2 months ago) by glarose
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
Added authentication mechanism Cosign.pm.  This implements WeBWorK
authentication using cosign[1], an open-source single sign-on system
developed at the University of Michigan.  This should be a reasonable
model for other modules implementing external, directory or location
based, authentication for WeBWorK.

To use cosign authentication for WeBWorK, set $authen{user_module} in
global.conf to WeBWorK::Authen::Cosign, and then configure apache to
require cosign authentication to enter WeBWorK courses.  If $cosignoff
is set to a true value in the course environment, standard WeBWorK
authentication is used for that course.

Note that cosign is a cookie-based authentication system.  This means
that it is between very hard and impossible to authenticate multiple
users on the same computer/web browser at the same time.  Thus it is
not possible to have both $authen{user_module} and $authen{proctor_module}
set to Cosign at the same time.

Implementation:
  Cosign.pm inherits from Authen.pm.  It redefines get_credentials to
force password authentication, and then assumes password checks succeed.
Because cosign is a Location/Directory based apache authentication
system, by the time the user gets to the Authen module we know that she
has successfully authenticated against cosign.  We also modify the
forget_verification method to return a redirect to the course environment
variable $cosign_logout_script.

 [1] <http://www.umich.edu/~umweb/software/cosign/>
Revision 4781 - Directory Listing
Modified Wed Feb 14 19:08:46 2007 UTC (6 years, 3 months ago) by gage
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
Added warning message when moodle session is not found.
Revision 4753 - Directory Listing
Modified Fri Jan 19 16:20:59 2007 UTC (6 years, 4 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
the parameter is called moodle17, not moodle_version
Revision 4740 - Directory Listing
Modified Mon Jan 8 20:35:58 2007 UTC (6 years, 4 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
Preliminary Moodle 1.7 support. There is still some work to do on this,
but I think it belongs in MAIN now.
Revision 4683 - Directory Listing
Modified Tue Nov 28 22:29:38 2006 UTC (6 years, 5 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
fix moodle 1.5/6 session handling
Revision 4682 - Directory Listing
Modified Tue Nov 28 22:16:01 2006 UTC (6 years, 5 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
Moodle 1.7 compatibility: This is Mike's current work on Moodle 1.7
compatibility, cross-ported from rel-2-3-exp.

Changes from:
	lib/WeBWorK/Authen/Moodle.pm: 1.9 -> 1.9.2.2
	lib/WeBWorK/DB/Schema/NewSQL/Moodle.pm: 1.5 -> 1.5.4.1
Revision 4647 - Directory Listing
Modified Mon Nov 13 16:53:47 2006 UTC (6 years, 6 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
label proctor login_type with the user ID of the student
Revision 4646 - Directory Listing
Modified Mon Nov 13 16:48:39 2006 UTC (6 years, 6 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
improvements to Authen logging:
- add login_type field (normal, guest, proctor, proctor_grading)
- add initial_login field to control when success loggin occurs
- log password success/failure directly, but also log overall success or
  failure at end of verify()
- add log_error field to for overall failure message
- improve wording of some error messages
Revision 4579 - Directory Listing
Modified Thu Oct 19 17:35:25 2006 UTC (6 years, 7 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
move moodle session table access routines to Authen::Moodle.
Revision 4498 - Directory Listing
Modified Fri Sep 15 21:44:17 2006 UTC (6 years, 8 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
remove unused $db lexical
Revision 4486 - Directory Listing
Modified Mon Sep 11 20:34:41 2006 UTC (6 years, 8 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
add more erorr checking, get settings from global.conf.
Revision 4210 - Directory Listing
Modified Sat Jul 8 22:58:55 2006 UTC (6 years, 10 months ago) by gage
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
We don't need this debug statement, and it causes errors when the course is entered from outside moodle
Revision 4197 - Directory Listing
Modified Wed Jul 5 18:28:14 2006 UTC (6 years, 10 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
use WeBWorK::Cookie
Revision 4137 - Directory Listing
Modified Fri Jun 23 18:42:31 2006 UTC (6 years, 11 months ago) by gage
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
A bare bones method for verifying against and LDAP (in this case the LDAP at the U of R)
You will need to change the constants for use with another local LDAP.

this is not at all finished -- in particular there is no check to see if the user is enrolled
in a specific course.
Revision 4125 - Directory Listing
Modified Thu Jun 8 23:27:02 2006 UTC (6 years, 11 months ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
check for a valid moodle session when the webwork key matches an expired
session. this allows for seamless re-login when the webwork timeout is
shorter than the moodle timeout.
Revision 4102 - Directory Listing
Modified Thu May 25 03:08:50 2006 UTC (7 years ago) by gage
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
Replaced instance of fetch_moodle_cookie with fetch_moodle_session
Revision 4101 - Directory Listing
Modified Wed May 24 23:30:23 2006 UTC (7 years ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
almost totally works now
* fixed passwork checking (call to md5_hex was wrong)
* added debugging output
* renamed fetch_moodle_cookie to fetch_moodle_session
* commented out unused moodle_session_expired
Revision 4068 - Directory Listing
Modified Fri May 12 18:39:10 2006 UTC (7 years ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
some progress
Revision 4047 - Directory Listing
Modified Wed Apr 12 18:50:53 2006 UTC (7 years, 1 month ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
Beginnings of a Authen-subclass implementation of Moodle-cookie based
authentication.
Revision 4045 - Directory Listing
Added Wed Apr 12 18:50:11 2006 UTC (7 years, 1 month ago) by sh002i
Original Path: trunk/webwork-modperl/lib/WeBWorK/Authen 
New subclassable architecture. Should function identically to old
implementation (modulo bugs). verifyProctor has been replaced with an
Authen::Proctor subclass, which overrides several methods and consists
of about 30 real lines of code. Cool.
Sort log by:
aubreyja at gmail dot com
 ViewVC Help
Powered by ViewVC 1.0.9