Course Launch Security Check Failed

Topics: Developer Forum, Project Management Forum, User Forum
Feb 6, 2008 at 6:06 PM
Edited Feb 6, 2008 at 6:08 PM
Hello,

I have integrated the functionality of the BasicWebPlayer application with my learning management system. Specifically, I'm using the upload and launch pieces and I'm running into a problem. The upload piece stores the SCORM package contents on a shared SAN directory. I've created a new course in my learning management system, uploaded the SCORM package as its content, and assigned that course to a user. The user enters the learning management system and navigates to his list of available. When he launches the course he receives the following error in the popup window:

The training could not be launched due to the following problem:
A serious error occurred. Please contact your system administrator. More information has been written to the server event log.

The windows event log has the following error that's logged when this occurs:

An exception occurred while creating an attempt:

*Microsoft.LearningComponents.Storage.LearningStoreSecurityException: Security check failed.
at Microsoft.LearningComponents.Storage.LearningStoreJob.Execute()
at Microsoft.LearningComponents.Storage.ExecuteNavigator.CreateExecuteNavigator(LearningStore store, Int64 rootActivityId, Int64 learnerId, LoggingOptions loggingFlags)
at Microsoft.LearningComponents.Storage.StoredLearningSession.CreateAttempt(PackageStore packageStore, UserItemIdentifier learnerId, ActivityPackageItemIdentifier rootActivityId, LoggingOptions loggingOptions)
at Teams.CreatePackageAttempt.CreateAttemptButton_Click(Object sender, EventArgs e)*

Does a package attempt require that the person launching the course be the person that uploaded the course? I doubt that's the case as it would be a severe limitation to the application. Perhaps there is a security setting I'm not considering either on the directory where the content is stored or the PackageItem record referring to the SCORM package?

Thank you for any information you can provide.

Kevin
Feb 6, 2008 at 8:07 PM
I've found that the scalar function "CreateAttemptRight" looks like it is matching on the person who uploaded the package. Is this a function that can be modified without serious ramifications? I would like to grant the attempt right to anyone who tries to launch the package, not just the individual who uploaded the scorm file.

thanks.
Dec 16, 2009 at 6:22 PM

kdowker, did you ever attempt modify the code to multiple users to hit a package owned by a different user?  I am thinking this is part of the addon schema of Basic Web Player, and starting with the bare MLC DLL's would be the best bet.

Dec 30, 2009 at 2:14 PM

bfelda:

I was in fact able to enable this feature as you mentioned.  The function, in its original form, checked the current user against the owner (uploader) of the SCORM package.  If they didn't match then the launch was not allowed.  I removed that check within the body of the function and now any user who has been assigned the content can make an attempt on the package.  Let me know if you have any further questions.

Kevin

Dec 30, 2009 at 8:11 PM

Thanks much for replying Kevin.  I am glad you were able to get this going.  I think I know where where that check is performed, so I will try it out.  Its funny, I was actually just about to see if you ever were able to figure out how to get the sessionview to be Review instead of Complete in another thread you have here.  I am glad to see someone else has tried doing the same things with MLC that I am trying to do.