Moodle, SEB and SSO getting 403 response

Moodle, SEB and SSO getting 403 response

Devin Monroe發表於
Number of replies: 6

Hello,

I am posting this there in case this issue is something with Moodle while I continue to investigate SEB and SSO as being the source of this issue as well.

There is a specific use case where we keep receiving a 403 error inside SEB. The scenario is this:

  1. user logs into the Moodle installation using OAuth/SSO.
  2. user navigates to quiz and clicks "Launch Safe Exam Browser"
  3. user is presented with Moodle main login screen
  4. user clicks SSO login option and receives a 403 error

In the Moodle logs it shows the error:

The user with id ‘307’ has been prevented from accessing quiz with id ‘34’ by the Safe Exam Browser access plugin. The reason was ‘Invalid SEB config key’. Expected config key: ‘35abe092c8754fb2faf8128326e28c93f41883288df42d6cd5500bee4f8f9b80’. Received config key: ‘’. Received browser exam key: ‘’.

Things to note:

This does not happen when not using SSO to login.

This does not happen if we use the option to "Download configuration" and open the configuration file.

I was not able to see any other errors in the logs that related to this.

I am not sure if the issue is with Moodle, SSO or SEB.

It is my understanding that the "Launch Safe Exam Browser" button should work on it's own as long as you are using the correct versions of SEB. I have tried on both Mac and PC and we have tried with SE 3.3 and 3.5 so far.

Any advice, suggestions or help would be greatly appreciated. Please let me know if any further information needs to be provided or if I should be looking someone else for help.

評比平均分數: -
In reply to Devin Monroe

Re: Moodle, SEB and SSO getting 403 response

Charles Johnson發表於
Hi Devin,

Did you ever find a solution for this?

My users are experiencing a very similar issue. We use MS365 and OneLogin for MFA, I don't know if that is an issue though as like with you, when downloading the test's config file, everything works as it should. The student still has to re-enter their credentials within Safe Exam Browser. When a user clicks on the Launch Safe Exam Browser button when logged into the course with thier standard browser, SEB launches, and shows a 403 error before the login page is even presented.

Our provider recently updated our site to Moodle 4.1.18, but it didn't resolve the issue, not that I was expeciting it to.

I don't know what is going on that the SEB config key isn't being correctly presented to the SEB when clicking on the Launch SEB button, and it is getting a blank key from Moodle.

Thanks,

Chuck
評比平均分數:Useful (1)
In reply to Charles Johnson

Re: Moodle, SEB and SSO getting 403 response

Devin Monroe發表於
Hi Chuck,

No not yet. We have put this on hold for now, due to more pressing priorities but expect to pick up the investigation again in the future (hopefully sooner rather than later). For now I believe out support team is directing users to download the file and launch it manually.

If I do find solution for the 403 error, I will try to remember to follow-up here.

評比平均分數: -
In reply to Devin Monroe

Re: Moodle, SEB and SSO getting 403 response

Charles Johnson發表於
Thanks, Devin!

What I find odd, although I haven't 100% confirmed it yet, is that it sometimes works for the students who click on the Launch Safe Exam Browser button, and for others it doesn't. What seems to be happening in our case is that the student isn't even presented with the request for credentials within SEB, it just throws the 403 error, or a blank white screen.

They so far have had a 100% success rate when downloading the config file and launching SEB directly.

Take your time, I look forward to hearing from you. If I find a solution, I'll let you know.

Thanks,

Chuck
評比平均分數: -
In reply to Devin Monroe

Re: Moodle, SEB and SSO getting 403 response

Visvanath Ratnaweera發表於
Particularly helpful Moodlers的相片 Translators的相片
How does its https://safeexambrowser.org/windows/win_usermanual_en.html#ExamPane look like?
評比平均分數: -
In reply to Visvanath Ratnaweera

Re: Moodle, SEB and SSO getting 403 response

Devin Monroe發表於
I will get back to you on this I don't have time at the moment to look at this due to other priorities taking precedence but I am interested in solving this problem. Perhaps Chuck and I both can post these and compare and find a common denominator that is causing an issue.
評比平均分數: -
In reply to Devin Monroe

Re: Moodle, SEB and SSO getting 403 response

Visvanath Ratnaweera發表於
Particularly helpful Moodlers的相片 Translators的相片
OK. What I was thinking is that the SEB config file is configured to check for the Config key but the SEB just logged in through SSO doesn't send it. Sounds like a "late binding" (the key is available only after the SSO is established. The same exam works for Moodle's local users, right?
評比平均分數: -