
Week 9

Milestones

  • Environment Setup and CAS Integration:
      • Set up a development environment that includes the Sunbird-Learn User-Org Service and the CAS security framework.
      • Integrate CAS into the Sunbird-Learn User-Org Service, ensuring seamless authentication and authorization.
      • Develop a sample Java web application representing a user-facing interface for testing.

  • User Registration and Login Flow:
      • Implement user registration and login functionality using CAS for authentication.
      • Ensure secure password handling and storage within the Sunbird-Learn User-Org Service.
      • Test the registration and login flow with various scenarios, including successful and failed login attempts.

  • Password Recovery and Security Features:
      • Implement password recovery mechanisms with CAS, including email-based password reset.
      • Conduct thorough testing of password recovery and security mechanisms.

  • Role-Based Access Control:
      • Implement role-based access control (RBAC) within the Sunbird-Learn User-Org Service using CAS attributes.
      • Define roles and permissions, and ensure proper authorization checks for different user roles.
      • Test RBAC scenarios to verify that users can access appropriate resources based on their roles.

  • Documentation and Integration Guidelines:
      • Document the integration process, including configuration details and code snippets.
      • Create guidelines for future developers or teams looking to integrate CAS with Sunbird-Learn or similar applications.
      • Prepare a comprehensive report summarizing the integration, lessons learned, and recommendations for further enhancements.

Screenshots / Videos

  • Apereo-CAS Security Library Architecture:


  • Authentication Token Generation Service Testing using Postman:


Contributions

Learnings

  • Understood the intricacies of integrating CAS with a complex application like Sunbird-Learn, including dealing with single sign-on (SSO) configurations and attribute mapping.
  • Gained insights into best practices for user authentication, password management, and security features to protect user accounts effectively.
  • Learned how to implement role-based access control within an application and leverage CAS attributes for authorization.
  • Realized the importance of thorough documentation and knowledge sharing to ensure smooth collaboration among team members and future maintainers of the integration.