in local (university) moodle installation, there is the necessity to separate the authentication process from the possibility to access the e-learning platform.
We (web application manager) use pop account (not managed by us) to authenticate users, and we need to prevent the access to all valid email account.
For example, if we would use gmail as pop server, we don't want to permit the access to all valid gmail users
Now it works in this way:
setup authentication via pop
we add valid user list via csv file
users use their email/password to login:
- if user is added previously by us, she/he login (GOOD)
- if user is unknown by us, she/he is auto-added to the platform (BAD)
Is it already possible to do so or it's necessary a patch to the code?
thank you.