Grading

Why do I get a grade passback warning?

If you are getting a warning such as:

This is probably because the activity is in LMS context (type of activity) that does not support grading, such as Canvas LMS Page.

Why after completing graded activity such as quizzes I get error when accessing it again

This applies only for direct LTI integration of Annoto in the LMS

After completing a graded activity, on each reload of the activity we check if the grade still not synced to the LMS and if not we attempt to push it to the LMS before showing the activity. If the grading push fails an error is shown in place of the activity.

The most common cases of grade sync to fail are:

Firewall blocking grade sync attempt

Please check with your IT that requests coming from the following IPs are whitelisted and not blocked:

  • EU region:

    • 16.170.96.99

  • US region

    • 54.227.146.98

If request is blocked, after a timeout you may see an error of 504 Gateway Time-Out error for example:

Misconfigured LMS certificate (missing intermediate certificate)

When we attempt to sync the grade to the LMS the validity of the LMS server certificate is checked to make sure it's safe. It is a similar check every browser does when you are browsing the web.

In case we are not able to validate the certificate, the most common error you will see is Error: unhandled: unable to verify the first certificate

Alternative way to check if the issue you are having is misconfigured LMS certificate is to browse to the LMS site using the Mozilla Firefox Browser, if this is the issue, you will receive a certificate warning that the site is not safe.

Each provider has their manual on how to configure the certificate on your servers. For example: https://support.sectigo.com/articles/Knowledge/Sectigo-Intermediate-Certificates

Why are the grades not syncing to the LMS

This applies only for direct LTI integration of Annoto in the LMS

The most common causes are covered in Why after completing graded activity such as quizzes I get error when accessing it again

The easiest way to test if this is the cause, after completing a graded activity, please refresh the page and visit it again if you experience one of the mentioned errors, this is the cause.

Apache blocks grade pass back in Moodle

In many cases Apache may strip (remove) the Authorization header for "security reasons" from the incoming requests.

In this case, the error message can look like this:

There are many resources on this available on the internet and official dos (can be .htaccess or one of the apache modules).

Moodle is missing the Authorization header, which Annoto sends on each lti outcomes request. Below is a quick way how you can validate that Annoto sends the Authorization header and it is filtered out by Apache on your end.

(or you can skip to suggested solutions below)

Check if the outcome sync Annoto sends contains the Authorization header

Add to common and combined LogFormat \"%{Authorization}i\" so that the Authorization header is printed in the apache access_log.

Load the assignment page to get the error and check the apache access log.

Look for request made to https://[YOUR DOMAIN]/mod/lti/service.php and check if Authorization header is present for the request.

Provide Additional Apache configuration info

Send contact@annoto.net the list of installed modules: apachectl -M

Make sure Authorization header is not filtered by Apache

If your have php setup as module (not CGI), make sure you have the below setup under <directory> for moodle vhost:

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
SetEnvIf Content-Type "(.*)" HTTP_CONTENT_TYPE=$1
SetEnvIf Accept "(.*)" HTTP_ACCEPT=$1Copy

If you have php setup as CGI:

please make sure to set CGIPassAuth on

Additional settings might be needed such as SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1

and adding to rewriterule E=HTTP_AUTHORIZATION:%{HTTP:Authorization} and/orRewriteCond %{HTTP:Authorization} ^(.*)

Please see additional resources for more details.

Additional resources

Please note, the exact configuration you need depends on if you run php as CGI or module. More info in the attached links:

https://moodle.org/mod/forum/discuss.php?d=389429&parent=1597517

https://stackoverflow.com/questions/40494213/apache-destroying-authorization-header/47031629#47031629

https://www.webhostingforbeginners.net/fix-wordpress-rest-api-authentication-in-apache-bitnami/

Last updated