Week 9

Milestones

• ☑ Environment Setup and CAS Integration:

• → Set up a development environment that includes Sunbird-Learn User-Org Service and CAS security framework.

• → Integrate CAS into the Sunbird-Learn User-Org Service, ensuring seamless authentication and authorization.

• → Develop a sample Java web application representing a user-facing interface for testing.

• ☑ User Registration and Login Flow:

• → Implement user registration and login functionality using CAS for authentication.

• → Ensure secure password handling and storage within the Sunbird-Learn User-Org Service.

• → Test the registration and login flow with various scenarios, including successful and failed login attempts.

• ☑ Password Recovery and Security Features:

• → Implement password recovery mechanisms with CAS, including email-based password reset.

• → Conduct thorough testing of password recovery and security mechanisms.

• ☑ Role-Based Access Control:

• → Implement role-based access control (RBAC) within the Sunbird-Learn User-Org Service using CAS attributes.

• → Define roles and permissions, and ensure proper authorization checks for different user roles.

• → Test RBAC scenarios to verify that users can access appropriate resources based on their roles.

• ☑ Documentation and Integration Guidelines:

• → Document the integration process, including configuration details and code snippets.

• → Create guidelines for future developers or teams looking to integrate CAS with Sunbird-Learn or similar applications.

• → Prepare a comprehensive report summarizing the integration, lessons learned, and recommendations for further enhancements.

Screenshots / Videos

• Apereo-CAS Security Library Architecture:

• Authentication Token Generation Service Testing using Postman:

Contributions

• Spring Boot JWT-based Authentication
• → The repository is dedicated to a authentication token generation service, which was presented as a working demo during the endpoint evaluation.
• → Repository Link: https://github.com/sanbit876/Spring_Boot_JWT-based-Authentication

Learnings

• Understood the intricacies of integrating CAS with a complex application like Sunbird-Learn, including dealing with single sign-on (SSO) configurations and attribute mapping.
• Gained insights into best practices for user authentication, password management, and security features to protect user accounts effectively.
• Learned how to implement role-based access control within an application and leverage CAS attributes for authorization.
• Realized the importance of thorough documentation and knowledge sharing to ensure smooth collaboration among team members and future maintainers of the integration.