Authentication: Difference between revisions

Latest revision as of 16:53, 13 November 2017

Authentication is the process of allowing a user to log in to a Moodle site with a username and password.

Authentication plugins

Moodle provides a number of ways of managing authentication, called authentication plugins.

Manual accounts - accounts created manually by an administrator
No login - suspend particular user account
Email-based self-registration - for enabling users to create their own accounts
CAS server (SSO) - account details are located on an external CAS server
External database - account details are located on an external database
LDAP server - account details are located on an external LDAP server
LTI - works with the Publish as LTI tool enrolment method to connect courses and activities
Moodle Network authentication - how different Moodle sites can connect and authenticate users
No authentication - for testing purposes or if the Moodle site is not available on the Internet. Do NOT use on public servers!
Shibboleth - account details are located on an external Shibboleth server
Web services authentication
Uniquelogin authentication to limit users to one simultaeous session

@@ Line 1: / Line 1: @@
-== Email-based authentication ==
+{{Managing a Moodle site}}
+Authentication is the process of allowing a user to log in to a Moodle site with a username and password.
-Email confirmation is the default authentication method. When the user signs up, choosing their own new username and password, a confirmation email is sent to the user's email address. This email contains a secure link to a page where the user can confirm their account. Future logins just check the username and password against the stored values in the Moodle database.
+==Authentication plugins==
-== Manual accounts only ==
+Moodle provides a number of ways of [[Managing authentication|managing authentication]], called ''authentication plugins''.
-This method removes any way for users to create their own accounts. All accounts must be manually created by the admin user.
+*[[Manual accounts]] - accounts created manually by an administrator
+*[[No login]] - suspend particular user account
+*[[Email-based self-registration]] - for enabling users to create their own accounts
+*[[CAS server (SSO)]] - account details are located on an external CAS server
+*[[External database authentication|External database]] - account details are located on an external database
+*[[LDAP authentication|LDAP server]] - account details are located on an external LDAP server
+*[[LTI]] - works with the [[Publish as LTI tool]] enrolment method to connect courses and activities
+*[[MNet|Moodle Network authentication]] - how different Moodle sites can connect and authenticate users
+*[[No authentication]] - for testing purposes or if the Moodle site is not available on the Internet. Do NOT use on public servers!
+*[[Shibboleth]] - account details are located on an external Shibboleth server
+* Web services authentication
+*[[Uniquelogin authentication]] to limit users to one simultaeous session
-== No authentication ==
+==See also==
-Users can sign in and create valid accounts immediately, with no authentication against an external server and no confirmation via email. Be careful using this option - think of the security and administration problems this could cause.
+*[[Authentication FAQ]]
-== PAM (Pluggable Authentication Modules) ==
+[[Category:Authentication]]
-This method uses PAM to access the native usernames on this server. You have to install PHP4 PAM Authentication in order to use this module.
+[[eu:Erabiltzaileen_autentifikazioa]]
+[[fr:Authentification]]
-== Shibboleth ==
+[[de:Authentifizierung]]
+[[ja:認証]]
-Using this method users are created and authenticated using Shibboleth.
+[[es:Autenticación]]
-Be sure to read the README for Shibboleth on how to set up your Moodle with Shibboleth.
-== Use a CAS server (SSO) ==
-This method uses a CAS server (Central Authentication Service) to authenticate users in a Single Sign On environment (SSO). You can also use a simple LDAP authentication. If the given username and password are valid according to CAS, Moodle creates a new user entry in its database, taking user attributes from LDAP if required. On following logins only the username and password are checked.
-== Use an LDAP server ==
-This method provides authentication against an external LDAP server. If the given username and password are valid, Moodle creates a new user entry in its database. This module can read user attributes from LDAP and prefill wanted fields in Moodle. For following logins only the username and password are checked.

Documentation

Authentication: Difference between revisions

Latest revision as of 16:53, 13 November 2017

Authentication plugins

See also