Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-74654

Add role parameter, phase out moderatorPW and attendeePW from create, and password from join

    XMLWordPrintable

Details

    • Improvement
    • Status: Waiting for integration review
    • Minor
    • Resolution: Unresolved
    • 4.0.1, 4.1
    • None
    • BigBlueButton

    Description

      Since version 2.4, BBB can use a parameter that defines the role to be used in the BBB session instead of the so called 'password' with is problematic with modern browsers.

      To give a bit of context, the so called `password` used in the URL in plain text is not a real password, but a token or identifier to be used to define the role a user should have in a meeting.

      The URLs used by BBB are in some way protected by a hash calculated using a shared secret. Therefore, `password` would not (should not and could not) be used for authenticating the user.

      The idea is that

      • create would no longer include modPW nor viewerPW,
      • join will use instead of password the designated role, such as role=moderator|viewer

      See https://github.com/bigbluebutton/bigbluebutton/pull/13589

      We will not be removing the password currently, but only adding the role parameter. Phasing out of password use will most likely take place in BBB v2.6

      Attachments

        Issue Links

          Activity

            People

              shamiso.jaravaza Shamiso Jaravaza
              jfederico Jesus Federico
              Laurent DAVID Laurent DAVID
              Jesus Federico, Laurent DAVID
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: