-
Improvement
-
Resolution: Duplicate
-
Minor
-
None
-
4.1
-
MOODLE_401_STABLE
Since version 2.4, BBB can use a parameter that defines the role to be used in the BBB session instead of the so called 'password' with is problematic with modern browsers.
To give a bit of context, the so called `password` used in the URL in plain text is not a real password, but a token or identifier to be used to define the role a user should have in a meeting.
The URLs used by BBB are in some way protected by a hash calculated using a shared secret. Therefore, `password` would not (should not and could not) be used for authenticating the user.
The idea is that
- create would no longer include modPW nor viewerPW,
- join will use instead of password the designated role, such as role=moderator|viewer
See https://github.com/bigbluebutton/bigbluebutton/pull/13589
- has been marked as being related by
-
MDL-74654 Add role parameter, phase out moderatorPW and attendeePW from create, and password from join
- Closed