Peoplesoft ELM - Content Sever Authentication

Hi All,
We are using Peoplesoft ELM.

Here is our setup -  ELM is hosted on http://elm.mt.com and Content is hosted on https://content.mt.com.

Our employees first log into ELM and launch the courses from there. The url will be something like this
https://content.mt.com/abc/ABC011/index_lms.html?AICC_SID=213228%3a1651%3aA001&AICC_URL=https%3a%2f%elm.mantech.com%3a443%2fpsc%elm%2fEMPLOYEE%2fNODE%2fs%2fWEBLIB_LM_LEM.LM_ISCRIPT.FieldFormula.IScript_HACP_COMM

The issue is that the content could be launced using just the url itself without logging into peoplesoft elm.
I like to know how was this handled in yours, how can the content server being secured?.  

Thanks
Raj

3 Replies
Justin Wilcox

Hi Raj and welcome to Heroes! I would contact PeopleSoft about this. Typically you shouldn't be able to view content in an LMS without being logged in and I'm guessing that the reason this worked for you is because you were already logged in. If you emailed yourself that link and tried on a different computer, I am guessing you would not be able to access the content as I couldn't just now.

Raj Ramasamy

Thanks. I think I did not ask the question properly. Our concern is not after they open the course but the process going from the link in ELM of the course to opening the course itself on a secure sever using the same authentication as already provided to ELM. We want to be able to open the course and have the user not authenticate again to a different server but have the course content secured by the peoplesoft authentication and there doesn't seem to be a place to host a course when it is 100+ files per course.

Any direction you can provide would be appreciated.

Justin Wilcox

Hi Raj.

Thanks for the explanation but I'm afraid I don't really have anything to offer. This is something you would need to discuss with your LMS or web server provider. I do know there can be issues with viewing content in a cross domain environment but the content has no authentication or ability to restrict people from viewing it. That is all going to come from your server/LMS configuration which is outside the scope of what we support.