Hello Ben, I am also interested in the login by badge mechanism, I am exploring if this feature would help SEN students easier access.
It is true that the major issue with your implementation is the security concern, making it a CAS module definitely helps with the security concern. Another implementation issue would be how the QR code generating mechanism be implemented, since the QR code that need to be distributed to the SEN students need to be generated somewhere. Cheers! Andy On Wednesday, 9 December 2020 at 11:33:43 UTC+8 bwin...@philasd.org wrote: > Hi Lam, > > Thanks for replying! The way we have it working, and how we've envisioned > the module working thus far, follows this basic flow: > > 1. Johnny Student is in Kindergarten. His teacher has given him a QR code > that he can use to log in, instead of typing in his username and password. > 2. When Johnny logs in, instead of typing in his credentials, he clicks a > button that says something like "QR Login". > 3. His webcam turns on, and he holds his QR code in front of the camera. > 4. The webcam reads and interprets the QR code, and sends the information > to the server for decryption. > 5. The credentials are decrypted, and are posted to the login process as > if they had been typed in directly. > 6. Johnny Student is logged in! > > For the Proof of Concept, we were able to insert some simple Javascript > into the main login page to turn on the camera and read the QR code, and > stood up a separate service to decrypt the results and send back the > credentials in plain text. Obviously, there are security concerns with this > (along with logistical concerns), so my hope is to build it as a CAS module > to alleviate these (and make it available for the community!). > > One of our big goals was to bring this ease of use (QR logins) without any > underlying change to how credentials are stored (or what needs to be > stored). To do this, the QR code itself is just a representation of the > user's encrypted login credentials. Because it's not it's own dedicated way > of logging in, only piggy-backing off the already existing credentials, it > should work with any underlying credential storage mechanism. > > I feel like I'm not explaining it as well as I could, and I'd be happy to > put together a little screencast showing how it works if that would be > helpful! > > Ben > > ------------------------------ > *From: *"Nguyen Tran Thanh Lam" <naphalu...@gmail.com> > *To: *"CAS Community" <cas-...@apereo.org> > *Sent: *Tuesday, December 8, 2020 8:33:36 PM > *Subject: *Re: [cas-user] Potential Feature: QR Code as a Login "Badge" > > WARNING: This message originated from outside the School District of > Philadelphia. > DO NOT CLICK links or open attachments unless you recognize the sender > and are expecting the email. > Hi Ben, > QR code is good way to replace typing password by keyboard. > If you can, please share how to integrated CAS and QR code. > In future, I think Facial recognition integrated with CAS should be > considered. > Thank you. > Lam > > Vào Th 4, 9 thg 12, 2020 vào lúc 03:55 Benjamin Winston < > bwin...@philasd.org> đã viết: > >> Hi all! >> >> My name is Ben Winston, and I'm a developer at the School District of >> Philadelphia. We've been happy CAS users for a few years now, and we're >> always looking for new ways to improve the login process for our students. >> >> We've been experimenting with a new login methodology targeted towards >> students who do not have the ability to type in their credentials on a >> typical login form. Instead of using a keyboard, these students will be >> able to present a QR Code (containing their encrypted credentials), which >> is scanned by their device's webcam and automatically logs them in. The >> process is similar in concept to gaining access to a locked room with an >> RFID badge. We have implemented a Proof of Concept for this methodology as >> a separate service that exists alongside our CAS deployment, and we are >> exploring the possibility of writing a module for CAS to bring this >> functionality to the community at large. >> >> What I'm wondering is: is this a feature that would be of interest to the >> community? I would love to hear any feedback you have on this idea, and >> whether you would make use of this feature if it were available. As I >> mentioned, our target user base for this feature would be primarily users >> who have particular difficulty logging in with a typical login form (such >> as young students or students with an IEP), so this may be more interesting >> for K12 school districts than higher ed. I'm also happy to give a demo of >> what we have working if anyone is interested. >> >> Hope you're all staying safe! >> >> Ben >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+u...@apereo.org. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/66efabe7-967a-4d64-9465-b8e360da414fn%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/66efabe7-967a-4d64-9465-b8e360da414fn%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to a topic in the > Google Groups "CAS Community" group. > To unsubscribe from this topic, visit > https://groups.google.com/a/apereo.org/d/topic/cas-user/ivJeX8I1l6I/unsubscribe > . > To unsubscribe from this group and all its topics, send an email to > cas-user+u...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAjAn4Pd0sj7AJhS4g2VXTipVsTkbw5uZo7wa3ps1XO4xw%40mail.gmail.com > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAjAn4Pd0sj7AJhS4g2VXTipVsTkbw5uZo7wa3ps1XO4xw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0359d0d1-b66b-4567-9559-a47bd5ceb932n%40apereo.org.
