Detailed Design
Evaluation PlanAppendix
Project Proposal .doc
Data Model .xls
Project Plan .mpp
FileMaker Pro Data .xls
Client Interviews .doc
Princeton Interview .doc
the iars-bears project
Authentication refers to the process by which one party determines the identity of another. Our system uses an established authentication system called CalNet that is managed by UC Berkeley. The CalNet authentication system follows the Kerberos model, implementing a Trusted Third Party model. In this model, the trusted central repository houses all the users' information, and without having to host a separate database of users, can authenticate the identity of the users against the CalNet services. This ensures that the CalStARS application can trust that the students who are logging in are truly who they claim to be.
The implementation of the system requires deployment of a specific package and exact steps. The CalNet Authentication Service also offers a more secure setup that encompasses most of the CalStARS user population. However, this process requires a much more secure setup than the system can accommodate at this point. Furthermore, due to FERPA requirements, the application cannot house some personal information such as student or employee identification numbers or social security numbers.
Since the system only needs to handle an exclusive team of administrators, the system uses a minimal authentication process to verify administrative staff. The user information is only verified against the database of self-registered users, and the only requirements are to have an email address and a password. It is highly recommended that a super administrator review the administrative roster periodically.
Some additional steps that can be implemented to enhance the authentication process include notifying the super administrator once a new user is established. This will allow the super administrator to verify the new user and assign the appropriate access level. Also, if the user forgets his/her password, the password can be sent to his/her corresponding email address, adding an extra layer of security.
An even more advanced method of authentication for the administrators would involve using the CalNet Authentication Service to log in to the system. Once the security of the system has been upgraded and the security requirements are met, the system could obtain all of the essential identifying information from CalNet and would no longer require any further input by the user.
The application will use sessions because they are accepted as one of the most secure and stable methods of maintaining user activity status in Internet technology. After users have been authenticated and routed to the system, sessions are set that can be checked throughout the navigation of the web presentation.
One of the key session attributes is user access level which controls the user's access throughout the system. This session value limits a student-athlete's view to his/her own section of the application. It also allows administrators to navigate throughout the application including the student-athlete section.
Additionally, the session access level is checked on every load of a page. If the viewer does not have a valid session, he or she will be redirected to the index page to initiate the login process. It is imperative that the exact assignments of this code block not be removed. Due to the nature of JSP, the exact placement of the code serves specific purposes. Finally, when a user chooses to exit the system, he/she can "logout", which terminates the entire session.
Forms collect information about a student-athlete. There are 2 types of forms: 1) Input Forms which require student-athletes to enter various types of information and 2) Signature Forms which require student-athletes to sign a form to indicate agreement with and acceptance of the contents of a form.
| Form | Type | Description |
|---|---|---|
| saPermanentInfo.jsp | Input | Permanent information including address, parents, guardian, sport (yellow form 1st page). |
| saEducation.jsp | Input | High school, UC, college attendance and transfer information (yellow form 1st page). |
| saCompensation.jsp | Input | Compensation received by student for professional sports, education expenses, commercial advertising, cash prizes, competition (yellow form 2nd page). |
| saHousing.jsp | Input | Housing information (peach form). |
| saVehicle.jsp | Input | Vehicle information (peach form). |
| saFinancialAid.jsp | Input | Recruitment status, athletic and university scholarships, government aid (gold form 1st page). |
| saEmployment.jsp | Input | Summer or academic employment (gold form 2nd page). |
| saConfirmation.jsp | Signature | Signature page for all forms of type Input. |
| saCalDrugTestConsent.jsp | Signature | Cal consent for drug testing (purple form). |
| saNCAADrugTestConsent.jsp | Signature | NCAA consent for drug testing (green form). |
| saNCAADrugTestResults.jsp | Signature | NCAA drug test results (blue form page 4). |
| saNCAAEligibility.jsp | Signature | NCAA statement of eligibility (blue form page 1). |
| saNCAAFreshmanAffirm.jsp | Signature | NCAA incoming freshman affirmation of valid ACT or SAT score (blue form page 4). |
Reports provide administrators with aggregated views of student-athlete data.
| Report | Description |
|---|---|
| rptSubmissionStatus.jsp | Provides a list of students within a specific sport. For each student Indicates whether a form is submitted |
| rptRecruitVerification.jsp | Provides a list of students whose recruitment status has not yet been verified by an administrator. |
| rptRecruitScholarship.jsp | Provides a list of students with their respective recruitment and scholarship status. |
Support pages provide support functionality for forms. Some provide login, registration, authentication, and password recall support. Others encapsulate header and footer information that is reused throughout all forms.
| Page | Description |
|---|---|
| index.htm | Provides option to authenticate as a student-athlete or administrator. |
| admLogin.jsp | Authenticates administrator and sets session information. |
| admForgot.jsp | Allows administrator to retrieve a forgotten password. |
| admRegister.jsp | Allows administrator to register as a user. |
| admHome.jsp | Allows administrator to generate reports or view student forms. |
| saLoggedIn.jsp | Page that redirects from CalNet authentication and sets session information. |
| saHome.jsp | Allows student-athlete to navigate to different Forms following successful authentication. Also indicates the submission status of each form. |
| saHeader.jsp | Encapsulates header information for all Input Forms. |
| saFooter.jsp | Encapsulates footer information for all Input Forms. |
| saSignHeader.jsp | Encapsulates header information for all Signature Forms. |
| saSignFooter.jsp | Encapsulates footer information for all Signature Forms. |
Stylesheets provide formatting options for Input Forms and Support Pages.
| Stylesheet | Description |
|---|---|
| formLayout.css | Specifies layout for Input and Signature forms. |
| homeLayout.css | Specifies layout for Home pages. |
| indexLayout.css | Specifies layout for admin Support Pages. |
JavaBeans are invoked by Forms and Support Pages to retrieve data from and save data to the database. Each JavaBean has get and set methods to get and set values for the JavaBean. Each JavaBean also has a retrieve method to load the JavaBean with data from the database and a save method to store data from the JavaBean to the database.
| JavaBean | Description | Used By |
|---|---|---|
| Student.java | Processes permanent information. | admHome.jsp
saCalDrugTestConsent.jsp saCompensation.jsp saConfirmation.jsp saEducation.jsp saEmployment.jsp saFinancialAid.jsp saHome.jsp saHousing.jsp saNCAABuckley.jsp saNCAADrugTestConsent.jsp saNCAADrugTestResults.jsp saNCAAEligibility.jsp saNCAAFreshmanAffirm.jsp saPermanentInfo.jsp saVehicle.jsp rptSubmissionStatus.jsp rptRecruitVerification.jsp rptRecruitScholarship.jsp |
| Education.java | Processes education information. | saEducation.jsp |
| Compensation.java | Processes compensation information. | saCompensation.jsp |
| Housing.java | Processes housing information. | saHousing.jsp |
| Vehicle.java | Processes vehicle information. | saVehicle.jsp |
| FinancialAid.java | Processes financial aid information. | saFinancialAid.jsp
rptRecruitVerification.jsp rptRecruitScholarship.jsp |
| Employment.java | Processes employment information. | saEmployment.jsp |
| StudentSport.java | Processes relationship between student and his/her respective sport(s). | saCalDrugTestConsent.jsp
saCompensation.jsp saConfirmation.jsp saEducation.jsp saEmployment.jsp saFinancialAid.jsp saHome.jsp saHousing.jsp saNCAABuckley.jsp saNCAADrugTestConsent.jsp saNCAADrugTestResults.jsp saNCAAEligibility.jsp saNCAAFreshmanAffirm.jsp saPermanentInfo.jsp saVehicle.jsp |
| StudentForm.java | Processes relationship between student and his/her respective Input or Signature Forms. | saCalDrugTestConsent.jsp
saCompensation.jsp saConfirmation.jsp saEducation.jsp saEmployment.jsp saFinancialAid.jsp saHome.jsp saHousing.jsp saNCAABuckley.jsp saNCAADrugTestConsent.jsp saNCAADrugTestResults.jsp saNCAAEligibility.jsp saNCAAFreshmanAffirm.jsp saPermanentInfo.jsp saVehicle.jsp rptSubmissionStatus.jsp |
| SchoolYear.java | Processes school year information. | admHome.jsp
admLogin.jsp saLoggedIn.jsp |
| Authorization.java | Assigns administrator access level. | admLogin.jsp |
| StudentList.java | Retrieves a list of students belonging to a specific sport. | admHome.jsp
rptSubmissionStatus.jsp rptRecruitVerification.jsp rptRecruitScholarship.jsp |
| SportList.java | Retrieves the list of sports. | admHome.jsp
saPermanentInfo.jsp |
| SchoolYearList.java | Retrieves a list of school years with data available for retrieval. | admHome.jsp |
Data correspond to all student-athlete information entered and saved via the Input and Signature forms.
| Table | Description | Used By |
|---|---|---|
| Authorization | Data about the administrator used to perform authentication and assign access level. | Authorization.java |
| Compensation | Compensation received by student for professional sports, education expenses, commercial advertising, cash prizes, competition. | Compensation.java |
| Student | Permanent information including address, parents, and guardian. | Student.java
StudentList.java |
| Education | High school, UC, and college attendance. | Education.java |
| Scholarship | Scholarships from Cal and other sources. | FinancialAid.java |
| Housing | Housing information. | Housing.java |
| Vehicle | Vehicle information. | Vehicle.java |
| FinancialAid | Recruitment status, athletic and government aid. | FinancialAid.java |
| Employment | Summer or academic employment. | Employment.java |
| TransferHistory | Transfer information. | Education.java |
| Sport | List of sports. | SportList.java
StudentList.java StudentSport.java |
| SchoolYear | List of school years. | SchoolYear.java
SchoolYearList.java |
| Form | List of forms. | StudentForm.java |
| StudentForm | Associates students to submitted forms. | StudentForm.java |
| StudentSport | Associates students to their respective sports. | StudentList.java
StudentSport.java |
Detailed Design
Evaluation PlanAppendix
Project Proposal .doc
Data Model .xls
Project Plan .mpp
FileMaker Pro Data .xls
Client Interviews .doc
Princeton Interview .doc