I see two ways to use WeBWorKs LTI interface under this restriction:
1) Have one "preconfigured tool" for each WeBWorK course and disallow professors to configure other LTI tools. The disadvantage is that the Moodle administrators have to set them up individually and that they show up for all the Moodle users. This way some professors may accidentally add the predefined WeBWorK activities to their Moodle courses and students may accidentally enroll in these WeBWorK courses. This would be possible without any changed in WeBWorK, but we would like to avoid this.
2) One may have only one "preconfigured tool", which would contain a generic URL such as
and the LTI secret. We would like to pass the WeBWorK course name as a parameter to WeBWorK. These parameters can be different for each activity that uses this "predefined tool". This way professors would only need to provide their WeBWorK course name as a parameter for the preconfigured tool in Moodle. Moodle would then call WeBWorK using a URL such as
or pass the pair course=mycourse using a POST request (I do not know whether a GET or POST request is generated by Moodle). Is something like this already possible with WeBWorKs LTI interface? If not, what do you thing about such an implementation? It it feasible?
One might also want to restrict LTI access to the WeBWorK server on a per-course level to prevent WeBWorK courses being accessed from courses in the LMS that are not meant to access them. Currently it seems that the LTI secret is enough to access a WeBWorK server. So if you share the LTI secret with professor A who reads course A to set up an LTI connection in the LMS, he may as well set up a LTI connection to course B on the same WeBWorK server. Is there a way to prevent this? Would it be easy to add course specific passwords in WeBWorK to restrict the LTI access? Or could the LTI secret be defined on a per-course level?