UsingWW: Issues with LTI authentication after upgrade

We recently upgraded from a much older version of WW to the latest, version 2.19. Now our LTI authentication system isn't working properly. I set up a new course, copy over the assignments from previous semester, then add the professor. Then the professor goes into canvas, changes her new canvas assignments to the updated URL. She clicks on the URL to get in to Webwork, which is working fine, but when she hits set info to make edits to the WW set (like the assignment date range), it asks for her credentials and doesn't take them when she puts them in. Normally the system shouldn't ask for credentials if you click on a WW link through canvas, it authenticates.

We checked all the configuration settings we could think of. We also looked at the authentication cookie and can see that it has authenticated (see screenshot). I'm uploading my config folder (removing sensitive data). Any suggestions would be great.

We are running on Ubuntu 22.04.5 server.

conf.zip

Re: Issues with LTI authentication after upgrade

by Don Eisele - Tuesday, 14 January 2025, 1:00 PM

I work with Darin. The Debug log shows LTI:Advanced verification going on with subsequent page loads, where it's checking for oath/etc. Is this normal behavior?

[Tue Jan 14 17:44:07.16089 2025] (eval):

===> Begin WeBWorK::dispatch() <===

[Tue Jan 14 17:44:07.16449 2025] (eval): Hi, I'm the new dispatcher!

[Tue Jan 14 17:44:07.16563 2025] (eval): --------------------------------------------------------------------------------

[Tue Jan 14 17:44:07.16644 2025] (eval): Okay, I got some basic information:

[Tue Jan 14 17:44:07.16721 2025] (eval): The site location is /webwork2

[Tue Jan 14 17:44:07.16785 2025] (eval): The request method is POST

[Tue Jan 14 17:44:07.16981 2025] (eval): The URI is /webwork2/Math221s25/OL25

[Tue Jan 14 17:44:07.17152 2025] (eval): The argument string is oauth_consumer_key=webwork&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1736876645&oauth_nonce=vm3YcrEhGzm46WqKkkBBHdAdjBhx4lvDzL5AGMSc6g&oauth_version=1.0&context_id=d8aec218fbd775b40750feaabf4b1ba2563913d8&context_label=Calc+1&context_title=Calc+1+test+2025&custom_canvas_assignment_points_possible=0&custom_canvas_assignment_title=OL25&custom_canvas_enrollment_state=active&ext_ims_lis_basic_outcome_url=https%3A%2F%2Fk-state.instructure.com%2Fapi%2Flti%2Fv1%2Ftools%2F3001%2Fext_grade_passback&ext_lti_assignment_id=b763619f-689f-4887-b620-bea5c738ba25&ext_outcome_data_values_accepted=url%2Ctext&ext_outcome_result_total_score_accepted=true&ext_outcome_submission_needs_additional_review_accepted=true&ext_outcome_submission_prioritize_non_tool_grade_accepted=true&ext_outcome_submission_submitted_at_accepted=true&ext_outcomes_tool_placement_url=https%3A%2F%2Fk-state.instructure.com%2Fapi%2Flti%2Fv1%2Fturnitin%2Foutcomes_placement%2F3001&ext_roles=urn%3Alti%3Ainstrole%3Aims%2Flis%2FInstructor%2Curn%3Alti%3Ainstrole%3Aims%2Flis%2FStudent%2Curn%3Alti%3Arole%3Aims%2Flis%2FLearner%2Curn%3Alti%3Asysrole%3Aims%2Flis%2FUser&launch_presentation_document_target=iframe&launch_presentation_locale=en&launch_presentation_return_url=https%3A%2F%2Fk-state.instructure.com%2Fcourses%2F175719%2Fassignments&lis_outcome_service_url=https%3A%2F%2Fk-state.instructure.com%2Fapi%2Flti%2Fv1%2Ftools%2F3001%2Fgrade_passback&lis_person_contact_email_primary=eisele%40ksu.edu&lis_result_sourcedid=3001-175719-2144909-20434-f4161ded36e5d55e4591c6b115ae67a3de53cec0&lti_message_type=basic-lti-launch-request&lti_version=LTI-1p0&oauth_callback=about%3Ablank&resource_link_id=4b017ff18d706c756b94ff233f5fa7f6cb899791&resource_link_title=OL25&roles=Learner&tool_consumer_info_product_family_code=canvas&tool_consumer_info_version=cloud&tool_consumer_instance_contact_email=notifications%40instructure.com&tool_consumer_instance_guid=7db438071375c02373713c12c73869ff2f470b68.k-state.instructure.com&tool_consumer_instance_name=Kansas+State+University&user_id=7bc1a8f49a59863458345dc544e40c056554705f&oauth_signature=eorz%2BcfKtsrfakbQ5zY02d1qmAU%3D

[Tue Jan 14 17:44:07.17418 2025] (eval): --------------------------------------------------------------------------------

[Tue Jan 14 17:44:07.17772 2025] (eval): The path is /Math221s25/OL25/

[Tue Jan 14 17:44:07.18052 2025] (eval): The current route is problem_list

[Tue Jan 14 17:44:07.18218 2025] (eval): Here is some information about this route:

[Tue Jan 14 17:44:07.18327 2025] (eval): The display module for this route is WeBWorK::ContentGenerator::ProblemSet

[Tue Jan 14 17:44:07.18429 2025] (eval): This route has the following captures:

[Tue Jan 14 17:44:07.18524 2025] (eval): action => go

[Tue Jan 14 17:44:07.18617 2025] (eval): courseID => Math221s25

[Tue Jan 14 17:44:07.18712 2025] (eval): setID => OL25

[Tue Jan 14 17:44:07.18780 2025] (eval): controller => ProblemSet

[Tue Jan 14 17:44:07.18852 2025] (eval): --------------------------------------------------------------------------------

[Tue Jan 14 17:44:07.18926 2025] (eval): Now we want to look at the parameters we got.

[Tue Jan 14 17:44:07.19053 2025] (eval): The raw params:

[Tue Jan 14 17:44:07.19735 2025] (eval): resource_link_id => "4b017ff18d706c756b94ff233f5fa7f6cb899791"

[Tue Jan 14 17:44:07.19927 2025] (eval): context_title => "Calc 1 test 2025"

[Tue Jan 14 17:44:07.20029 2025] (eval): ext_outcome_submission_submitted_at_accepted => "true"

[Tue Jan 14 17:44:07.20134 2025] (eval): context_id => "d8aec218fbd775b40750feaabf4b1ba2563913d8"

[Tue Jan 14 17:44:07.20229 2025] (eval): lis_person_contact_email_primary => "eisele@ksu.edu"

[Tue Jan 14 17:44:07.20310 2025] (eval): user_id => "7bc1a8f49a59863458345dc544e40c056554705f"

[Tue Jan 14 17:44:07.20425 2025] (eval): custom_canvas_assignment_title => "OL25"

[Tue Jan 14 17:44:07.20566 2025] (eval): ext_lti_assignment_id => "b763619f-689f-4887-b620-bea5c738ba25"

[Tue Jan 14 17:44:07.20713 2025] (eval): lti_version => "LTI-1p0"

[Tue Jan 14 17:44:07.20856 2025] (eval): ext_outcome_data_values_accepted => "url,text"

[Tue Jan 14 17:44:07.20951 2025] (eval): roles => "Learner"

[Tue Jan 14 17:44:07.21057 2025] (eval): oauth_nonce => "vm3YcrEhGzm46WqKkkBBHdAdjBhx4lvDzL5AGMSc6g"

[Tue Jan 14 17:44:07.21167 2025] (eval): oauth_timestamp => "1736876645"

[Tue Jan 14 17:44:07.21314 2025] (eval): tool_consumer_instance_contact_email => "notifications@instructure.com"

[Tue Jan 14 17:44:07.21441 2025] (eval): lti_message_type => "basic-lti-launch-request"

[Tue Jan 14 17:44:07.21556 2025] (eval): launch_presentation_locale => "en"

[Tue Jan 14 17:44:07.21688 2025] (eval): lis_result_sourcedid => "3001-175719-2144909-20434-f4161ded36e5d55e4591c6b115ae67a3de53cec0"

[Tue Jan 14 17:44:07.21839 2025] (eval): ext_roles => "urn:lti:instrole:ims/lis/Instructor,urn:lti:instrole:ims/lis/Student,urn:lti:role:ims/lis/Learner,urn:lti:sysrole:ims/lis/User"

[Tue Jan 14 17:44:07.21958 2025] (eval): oauth_callback => "about:blank"

[Tue Jan 14 17:44:07.22061 2025] (eval): ext_outcomes_tool_placement_url => "https://k-state.instructure.com/api/lti/v1/turnitin/outcomes_placement/3001"

[Tue Jan 14 17:44:07.22157 2025] (eval): oauth_version => "1.0"

[Tue Jan 14 17:44:07.22243 2025] (eval): oauth_signature => "eorz+cfKtsrfakbQ5zY02d1qmAU="

[Tue Jan 14 17:44:07.22348 2025] (eval): tool_consumer_instance_name => "Kansas State University"

[Tue Jan 14 17:44:07.22458 2025] (eval): launch_presentation_document_target => "iframe"

[Tue Jan 14 17:44:07.22572 2025] (eval): ext_outcome_submission_needs_additional_review_accepted => "true"

[Tue Jan 14 17:44:07.22682 2025] (eval): lis_outcome_service_url => "https://k-state.instructure.com/api/lti/v1/tools/3001/grade_passback"

[Tue Jan 14 17:44:07.22776 2025] (eval): oauth_consumer_key => "webwork"

[Tue Jan 14 17:44:07.22889 2025] (eval): ext_outcome_result_total_score_accepted => "true"

[Tue Jan 14 17:44:07.23013 2025] (eval): tool_consumer_instance_guid => "7db438071375c02373713c12c73869ff2f470b68.k-state.instructure.com"

[Tue Jan 14 17:44:07.23090 2025] (eval): ext_outcome_submission_prioritize_non_tool_grade_accepted => "true"

[Tue Jan 14 17:44:07.23169 2025] (eval): tool_consumer_info_product_family_code => "canvas"

[Tue Jan 14 17:44:07.23273 2025] (eval): custom_canvas_assignment_points_possible => "0"

[Tue Jan 14 17:44:07.23439 2025] (eval): launch_presentation_return_url => "https://k-state.instructure.com/courses/175719/assignments"

[Tue Jan 14 17:44:07.23573 2025] (eval): oauth_signature_method => "HMAC-SHA1"

[Tue Jan 14 17:44:07.23746 2025] (eval): custom_canvas_enrollment_state => "active"

[Tue Jan 14 17:44:07.23880 2025] (eval): tool_consumer_info_version => "cloud"

[Tue Jan 14 17:44:07.24010 2025] (eval): ext_ims_lis_basic_outcome_url => "https://k-state.instructure.com/api/lti/v1/tools/3001/ext_grade_passback"

[Tue Jan 14 17:44:07.24136 2025] (eval): context_label => "Calc 1"

[Tue Jan 14 17:44:07.24263 2025] (eval): resource_link_title => "OL25"

[Tue Jan 14 17:44:07.24359 2025] (eval): --------------------------------------------------------------------------------

[Tue Jan 14 17:44:07.24453 2025] (eval): We need to get a course environment (with or without a courseID!)

[Tue Jan 14 17:44:07.33126 2025] (eval): Here's the course environment: WeBWorK::CourseEnvironment=HASH(0x55afac314588)

[Tue Jan 14 17:44:07.34073 2025] (eval): Using authentication module WeBWorK::Authen::LTIAdvanced: WeBWorK::Authen::LTIAdvanced=HASH(0x55afac4359c8)

[Tue Jan 14 17:44:07.34345 2025] (eval): We got a courseID from the route, now we can do some stuff:

[Tue Jan 14 17:44:07.34454 2025] (eval): ...we can create a database object...

[Tue Jan 14 17:44:07.47084 2025] (eval): (here's the DB handle: WeBWorK::DB=HASH(0x55afac3153c0))

[Tue Jan 14 17:44:07.47401 2025] WeBWorK::Authen::verify: BEGIN VERIFY

[Tue Jan 14 17:44:07.47521 2025] WeBWorK::Authen::LTIAdvanced::request_has_data_for_this_verification_module: LTIAdvanced has been called for data verification

[Tue Jan 14 17:44:07.47644 2025] WeBWorK::Authen::LTIAdvanced::request_has_data_for_this_verification_module: LTIAdvanced returning that it has sufficient data

[Tue Jan 14 17:44:07.47770 2025] WeBWorK::Authen::do_verify: db ok

[Tue Jan 14 17:44:07.47876 2025] WeBWorK::Authen::LTIAdvanced::get_credentials: LTIAdvanced::get_credentials has been called

[Tue Jan 14 17:44:07.48810 2025] WeBWorK::Authen::LTIAdvanced::get_credentials: LTIAdvanced::get_credentials is returning a 1

[Tue Jan 14 17:44:07.48984 2025] WeBWorK::Authen::do_verify: credentials ok

[Tue Jan 14 17:44:07.49099 2025] WeBWorK::Authen::LTIAdvanced::check_user: LTIAdvanced::check_user has been called for user_id = |eisele|

[Tue Jan 14 17:44:07.53007 2025] WeBWorK::Authen::LTIAdvanced::check_user: LTIAdvanced::check_user is about to return a 1.

[Tue Jan 14 17:44:07.53219 2025] WeBWorK::Authen::do_verify: check user ok

[Tue Jan 14 17:44:07.53326 2025] WeBWorK::Authen::LTIAdvanced::verify_normal_user: LTIAdvanced::verify_normal_user called for user |eisele|

[Tue Jan 14 17:44:07.53413 2025] WeBWorK::Authen::LTIAdvanced::authenticate: LTIAdvanced::authenticate called for user |eisele|

[Tue Jan 14 17:44:07.53486 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ref(c) = |WeBWorK::ContentGenerator::ProblemSet|

[Tue Jan 14 17:44:07.53564 2025] WeBWorK::Authen::LTIAdvanced::authenticate: Nonce = |vm3YcrEhGzm46WqKkkBBHdAdjBhx4lvDzL5AGMSc6g|

[Tue Jan 14 17:44:07.69754 2025] WeBWorK::Authen::LTIAdvanced::authenticate: c->param(oauth_signature) = |eorz+cfKtsrfakbQ5zY02d1qmAU=|

[Tue Jan 14 17:44:07.70095 2025] WeBWorK::Authen::LTIAdvanced::authenticate: resource_link_id->|4b017ff18d706c756b94ff233f5fa7f6cb899791|

[Tue Jan 14 17:44:07.70216 2025] WeBWorK::Authen::LTIAdvanced::authenticate: context_title->|Calc 1 test 2025|

[Tue Jan 14 17:44:07.70298 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ext_outcome_submission_submitted_at_accepted->|true|

[Tue Jan 14 17:44:07.70402 2025] WeBWorK::Authen::LTIAdvanced::authenticate: context_id->|d8aec218fbd775b40750feaabf4b1ba2563913d8|

[Tue Jan 14 17:44:07.70508 2025] WeBWorK::Authen::LTIAdvanced::authenticate: lis_person_contact_email_primary->|eisele@ksu.edu|

[Tue Jan 14 17:44:07.70609 2025] WeBWorK::Authen::LTIAdvanced::authenticate: user_id->|7bc1a8f49a59863458345dc544e40c056554705f|

[Tue Jan 14 17:44:07.70679 2025] WeBWorK::Authen::LTIAdvanced::authenticate: custom_canvas_assignment_title->|OL25|

[Tue Jan 14 17:44:07.70748 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ext_lti_assignment_id->|b763619f-689f-4887-b620-bea5c738ba25|

[Tue Jan 14 17:44:07.70814 2025] WeBWorK::Authen::LTIAdvanced::authenticate: lti_version->|LTI-1p0|

[Tue Jan 14 17:44:07.70879 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ext_outcome_data_values_accepted->|url,text|

[Tue Jan 14 17:44:07.70940 2025] WeBWorK::Authen::LTIAdvanced::authenticate: roles->|Learner|

[Tue Jan 14 17:44:07.70998 2025] WeBWorK::Authen::LTIAdvanced::authenticate: oauth_nonce->|vm3YcrEhGzm46WqKkkBBHdAdjBhx4lvDzL5AGMSc6g|

[Tue Jan 14 17:44:07.71056 2025] WeBWorK::Authen::LTIAdvanced::authenticate: oauth_timestamp->|1736876645|

[Tue Jan 14 17:44:07.71113 2025] WeBWorK::Authen::LTIAdvanced::authenticate: tool_consumer_instance_contact_email->|notifications@instructure.com|

[Tue Jan 14 17:44:07.71172 2025] WeBWorK::Authen::LTIAdvanced::authenticate: lti_message_type->|basic-lti-launch-request|

[Tue Jan 14 17:44:07.71234 2025] WeBWorK::Authen::LTIAdvanced::authenticate: launch_presentation_locale->|en|

[Tue Jan 14 17:44:07.71294 2025] WeBWorK::Authen::LTIAdvanced::authenticate: lis_result_sourcedid->|3001-175719-2144909-20434-f4161ded36e5d55e4591c6b115ae67a3de53cec0|

[Tue Jan 14 17:44:07.71353 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ext_roles->|urn:lti:instrole:ims/lis/Instructor,urn:lti:instrole:ims/lis/Student,urn:lti:role:ims/lis/Learner,urn:lti:sysrole:ims/lis/User|

[Tue Jan 14 17:44:07.71416 2025] WeBWorK::Authen::LTIAdvanced::authenticate: oauth_callback->|about:blank|

[Tue Jan 14 17:44:07.71475 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ext_outcomes_tool_placement_url->|https://k-state.instructure.com/api/lti/v1/turnitin/outcomes_placement/3001|

[Tue Jan 14 17:44:07.71532 2025] WeBWorK::Authen::LTIAdvanced::authenticate: oauth_version->|1.0|

[Tue Jan 14 17:44:07.71592 2025] WeBWorK::Authen::LTIAdvanced::authenticate: oauth_signature->|eorz+cfKtsrfakbQ5zY02d1qmAU=|

[Tue Jan 14 17:44:07.71654 2025] WeBWorK::Authen::LTIAdvanced::authenticate: tool_consumer_instance_name->|Kansas State University|

[Tue Jan 14 17:44:07.71732 2025] WeBWorK::Authen::LTIAdvanced::authenticate: launch_presentation_document_target->|iframe|

[Tue Jan 14 17:44:07.71791 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ext_outcome_submission_needs_additional_review_accepted->|true|

[Tue Jan 14 17:44:07.71847 2025] WeBWorK::Authen::LTIAdvanced::authenticate: lis_outcome_service_url->|https://k-state.instructure.com/api/lti/v1/tools/3001/grade_passback|

[Tue Jan 14 17:44:07.71903 2025] WeBWorK::Authen::LTIAdvanced::authenticate: oauth_consumer_key->|webwork|

[Tue Jan 14 17:44:07.71966 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ext_outcome_result_total_score_accepted->|true|

[Tue Jan 14 17:44:07.72059 2025] WeBWorK::Authen::LTIAdvanced::authenticate: tool_consumer_instance_guid->|7db438071375c02373713c12c73869ff2f470b68.k-state.instructure.com|

[Tue Jan 14 17:44:07.72135 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ext_outcome_submission_prioritize_non_tool_grade_accepted->|true|

[Tue Jan 14 17:44:07.72224 2025] WeBWorK::Authen::LTIAdvanced::authenticate: tool_consumer_info_product_family_code->|canvas|

[Tue Jan 14 17:44:07.72289 2025] WeBWorK::Authen::LTIAdvanced::authenticate: custom_canvas_assignment_points_possible->|0|

[Tue Jan 14 17:44:07.72353 2025] WeBWorK::Authen::LTIAdvanced::authenticate: launch_presentation_return_url->|https://k-state.instructure.com/courses/175719/assignments|

[Tue Jan 14 17:44:07.72416 2025] WeBWorK::Authen::LTIAdvanced::authenticate: oauth_signature_method->|HMAC-SHA1|

[Tue Jan 14 17:44:07.72476 2025] WeBWorK::Authen::LTIAdvanced::authenticate: custom_canvas_enrollment_state->|active|

[Tue Jan 14 17:44:07.72538 2025] WeBWorK::Authen::LTIAdvanced::authenticate: tool_consumer_info_version->|cloud|

[Tue Jan 14 17:44:07.72596 2025] WeBWorK::Authen::LTIAdvanced::authenticate: ext_ims_lis_basic_outcome_url->|https://k-state.instructure.com/api/lti/v1/tools/3001/ext_grade_passback|

[Tue Jan 14 17:44:07.72659 2025] WeBWorK::Authen::LTIAdvanced::authenticate: context_label->|Calc 1|

[Tue Jan 14 17:44:07.72718 2025] WeBWorK::Authen::LTIAdvanced::authenticate: resource_link_title->|OL25|

[Tue Jan 14 17:44:07.81748 2025] WeBWorK::Authen::LTIAdvanced::authenticate: OAuth verification SUCCEEDED !!

[Tue Jan 14 17:44:07.88429 2025] WeBWorK::Authen::LTIAdvanced::verify_normal_user: auth_result=|1|

[Tue Jan 14 17:44:07.88942 2025] WeBWorK::Authen::LTIAdvanced::verify_normal_user: session_key=|bKD8n89n2eGbBUdOPKzApsoAh0CBFEay|.

[Tue Jan 14 17:44:07.89285 2025] WeBWorK::Authen::write_log_entry: Writing to login log: 'LOGIN OK user_id=eisele login_type=normal credential_source=LTIAdvanced host=52.206.153.109 port=50326 UA=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36'.

[Tue Jan 14 17:44:07.90268 2025] WeBWorK::Authen::fetchCookie: fetchCookie: Session cookie does not contain valid information. Returning nothing.

[Tue Jan 14 17:44:07.90442 2025] WeBWorK::Authen::maybe_send_cookie: used_cookie='' unused_valid_cookie='' user_requests_cookie='0' session_management_via_cookies ='1'

[Tue Jan 14 17:44:07.90750 2025] WeBWorK::Authen::set_params: params user='eisele' key='bKD8n89n2eGbBUdOPKzApsoAh0CBFEay'

[Tue Jan 14 17:44:07.91001 2025] WeBWorK::Authen::verify: END VERIFY

[Tue Jan 14 17:44:07.91103 2025] WeBWorK::Authen::verify: result 1

[Tue Jan 14 17:44:07.91250 2025] (eval): Hi, eisele, glad you made it.

[Tue Jan 14 17:44:07.92793 2025] (eval): Now we deal with the effective user:

[Tue Jan 14 17:44:07.92985 2025] (eval): userID=eisele eUserID=eisele

[Tue Jan 14 17:44:07.327003 2025] WeBWorK::Authen::store_session: Saving database session. The database session contains

{

"key" => "bKD8n89n2eGbBUdOPKzApsoAh0CBFEay",

"session" => {},

"timestamp" => 1736876647,

"user_id" => "eisele"

}

[Tue Jan 14 17:44:07.332551 2025] WeBWorK::Authen::store_session: The cookie session contains

{

"expiration" => 0,

"key" => "bKD8n89n2eGbBUdOPKzApsoAh0CBFEay",

"timestamp" => 1736876647,

"user_id" => "eisele"

}

[Tue Jan 14 17:44:46.215364 2025] (eval):

===> Begin WeBWorK::dispatch() <===

[Tue Jan 14 17:44:46.216073 2025] (eval): Hi, I'm the new dispatcher!

[Tue Jan 14 17:44:46.217288 2025] (eval): --------------------------------------------------------------------------------

[Tue Jan 14 17:44:46.217846 2025] (eval): Okay, I got some basic information:

[Tue Jan 14 17:44:46.218226 2025] (eval): The site location is /webwork2

[Tue Jan 14 17:44:46.218501 2025] (eval): The request method is GET

[Tue Jan 14 17:44:46.219484 2025] (eval): The URI is /webwork2/Math221s25/OL25/1

[Tue Jan 14 17:44:46.219803 2025] (eval): The argument string is effectiveUser=eisele

[Tue Jan 14 17:44:46.220023 2025] (eval): --------------------------------------------------------------------------------

[Tue Jan 14 17:44:46.220434 2025] (eval): The path is /Math221s25/OL25/1/

[Tue Jan 14 17:44:46.220763 2025] (eval): The current route is problem_detail

[Tue Jan 14 17:44:46.221017 2025] (eval): Here is some information about this route:

[Tue Jan 14 17:44:46.221323 2025] (eval): The display module for this route is WeBWorK::ContentGenerator::Problem

[Tue Jan 14 17:44:46.221495 2025] (eval): This route has the following captures:

[Tue Jan 14 17:44:46.221637 2025] (eval): problemID => 1

[Tue Jan 14 17:44:46.221816 2025] (eval): action => go

[Tue Jan 14 17:44:46.221938 2025] (eval): courseID => Math221s25

[Tue Jan 14 17:44:46.222045 2025] (eval): setID => OL25

[Tue Jan 14 17:44:46.222120 2025] (eval): controller => Problem

[Tue Jan 14 17:44:46.222199 2025] (eval): --------------------------------------------------------------------------------

[Tue Jan 14 17:44:46.222274 2025] (eval): Now we want to look at the parameters we got.

[Tue Jan 14 17:44:46.222341 2025] (eval): The raw params:

[Tue Jan 14 17:44:46.222555 2025] (eval): effectiveUser => "eisele"

[Tue Jan 14 17:44:46.222700 2025] (eval): --------------------------------------------------------------------------------

[Tue Jan 14 17:44:46.222857 2025] (eval): We need to get a course environment (with or without a courseID!)

[Tue Jan 14 17:44:46.233909 2025] (eval): Here's the course environment: WeBWorK::CourseEnvironment=HASH(0x55afab424398)

[Tue Jan 14 17:44:46.290875 2025] (eval): Using authentication module WeBWorK::Authen::LTIAdvanced: WeBWorK::Authen::LTIAdvanced=HASH(0x55afabbde398)

[Tue Jan 14 17:44:46.291238 2025] (eval): We got a courseID from the route, now we can do some stuff:

[Tue Jan 14 17:44:46.291371 2025] (eval): ...we can create a database object...

[Tue Jan 14 17:44:46.355477 2025] (eval): (here's the DB handle: WeBWorK::DB=HASH(0x55afa71fd000))

[Tue Jan 14 17:44:46.356025 2025] WeBWorK::Authen::verify: BEGIN VERIFY

[Tue Jan 14 17:44:46.356330 2025] WeBWorK::Authen::LTIAdvanced::request_has_data_for_this_verification_module: LTIAdvanced has been called for data verification

[Tue Jan 14 17:44:46.356481 2025] WeBWorK::Authen::LTIAdvanced::request_has_data_for_this_verification_module: LTIAdvanced returning that it has insufficent data

[Tue Jan 14 17:44:46.356580 2025] WeBWorK::Authen::LTIAdvanced::request_has_data_for_this_verification_module: (this debug statement added by eisele) params: effectiveUser

[Tue Jan 14 17:44:46.358305 2025] (eval): Bad news: authentication failed!

[Tue Jan 14 17:44:46.358608 2025] (eval): Rendering WeBWorK::ContentGenerator::Login

[Tue Jan 14 17:44:46.423228 2025] WeBWorK::Authen::store_session: The cookie session contains

{

"expiration" => 0,

"key" => "bKD8n89n2eGbBUdOPKzApsoAh0CBFEay",

"timestamp" => 1736876647,

"user_id" => "eisele"

}

Re: Issues with LTI authentication after upgrade

by Glenn Rice - Tuesday, 14 January 2025, 1:43 PM

What do you have set for $authen{user_module} in authen_LTI.conf? It should be set to

$authen{user_module} = [
    { '*' => 'WeBWorK::Authen::LTIAdvantage' },          # first try LTI 1.3
    { '*' => 'WeBWorK::Authen::LTIAdvanced' },           # next try LTI 1.1
    { '*' => 'WeBWorK::Authen::Basic_TheLastOption' }    # fallback authorization method
];

Note that you can comment out the LTIAdvantage module for LTI 1.3 if you are not using that, but make sure the last to lines are NOT commented out.

Also check your localOverrides.conf file, and make sure that variable is not also set in that file, and that there aren't any other conf files included that might be setting that variable.

Re: Issues with LTI authentication after upgrade

by Don Eisele - Tuesday, 14 January 2025, 2:20 PM

Ahhh.. Basic was commented out as well.

I'm sure that somewhere in documentation I read that commenting it out was possible to force never using local passwords. (and it being labelled as fallback implies that it's only necessary if LTI fails, instead of LTI being dependent on it).

Re: Issues with LTI authentication after upgrade

by Glenn Rice - Tuesday, 14 January 2025, 2:53 PM

Yeah, LTI authentication is dependent on the fallback. LTI authentication is only used for initial login. After that the fallback is used for all subsequent requests.

Re: Issues with LTI authentication after upgrade

by Danny Glin - Tuesday, 14 January 2025, 2:21 PM

If it is invoking the authentication module on subsequent pages then there is probably something wrong with accessing the cookie to verify the session.

In my case setting $CookieSecure = 1 in localOverrides.conf helped with this, but there have been lots of issues reported with opening LTI resources in an iframe (i.e. inside the page in your LMS), which are not unique to WeBWorK. Wherever possible we recommend setting LTI links to open in a new window.

Using WeBWorK

Installation

Issues with LTI authentication after upgrade

Issues with LTI authentication after upgrade

Re: Issues with LTI authentication after upgrade

Re: Issues with LTI authentication after upgrade

Re: Issues with LTI authentication after upgrade

Re: Issues with LTI authentication after upgrade

Re: Issues with LTI authentication after upgrade