User Tools
This is an old revision of the document!
Table of Contents
Ticket based authentication : User guide
Ticket Direct Access (to Moodle) plugin introduction
Using a ticket based authentification is implicit:
Tickets access url may be provided as links in notification mails, or as links in some other content addressed to the user. User that have the link url may just browse to this url.
Good practices regarding security
Users should be informed that a ticket access link is personal and contains a direct way to access a moodle session on behalf of the ticket internal encoded username. Thus users should NEVER give those url to third party users, not publish it in a publicly accessible content.
Integrators and administrators should read the additional security discussion in the Integrator Guide for more details about security handling.
Use Case
Dans le cadre de l'utilisation de la boutique, dans le cadre d'une émission de notification de facture au client, le client peut revenir au cours support pour télécharger sa facture sans s'authentifier via le couple login/mot de passe. Le système génère un jeton d'accès crypté temporaire transmis pour une durée de validité temporaire dans le corps du mail émis.
Cette porte d'entrée est potentiellement à utiliser en https pour éviter toute interception.
Credits
- Valéry Frémaux (valery@activeprolearn.com)) Developments
- Florence Labord (florence@activeprolearn.com) Documentation
