Hi,

I am developing a build block ( plugi-in ) that will be hooked in Black board.
In this plug-in, I am using BLITLauncher to launch and send info to the tool
provider. Now the issue is that the parameters are not as per requirement.
We need parameters value to be encrypted. And the encryption is to be done
by the secret key provided in the bb-manifest.xml file. Plus I wana send custom
parameters, I don't irrelevant data to be send.

The LTI specification does not include any options for the data being passed between the servers to be encrypted - the recommendation would be to use an https connection. I've not looked in detail at the Blackboard API for Basic LTI connections, but if it does not provide sufficient flexibility for your needs, adding your own code for implementing the launch process is not too complicated. For example, my Basic LTI Building Block (available from OSCELOT via http://www.spvsoftwareproducts.com/bb/basiclti/) signs the request using the following code (see bottom of lti_props.jsp file):

OAuthMessage oAuthMessage = new OAuthMessage("POST", toolURL, props.entrySet());
OAuthConsumer oAuthConsumer = new OAuthConsumer("about:blank", consumerKey, secret, null);
OAuthAccessor oAuthAccessor = new OAuthAccessor(oAuthConsumer);
List<Map.Entry<String, String>> params = null;
try {
oAuthMessage.addRequiredParameters(oAuthAccessor);
params = oAuthMessage.getParameters();
} catch (Exception e) {
}

Stephen

Thanks Stephen for your reply.

I am also a regular developer of building blocks and agree with Stephen. What you may be doing is following the LTI concept, but not the specification. One thing you might consider is to use LTI to send the data it normally does (assuming HTTPS is sufficient), even if some of this is not needed, and then include an additional custom parameters ("custom_???") for any extra or encrypted values. The closer you follow to the LTI specification, the less work is need by each LMS to support your integration.