About This Architecture

RMS Proctoring App implements a multi-tier authentication architecture on OCI with WAF, CDN, and Load Balancer protecting candidate and admin browsers. The Auth Layer uses an Identity Provider, JWT Token Service, RBAC Policy Engine, and Session Inheritance Handler to enforce role-based access for Proctor, Reviewer, and Admin user groups. The Application Tier runs Spring Boot backend APIs (Proctoring Service, Review Service, Notification Service) secured by JWT Auth Filter, while the Data Tier persists user sessions in RDS, proctoring events in NoSQL, images in Object Storage, and tokens in Redis cache. This architecture demonstrates zero-trust authentication with session inheritance, audit logging, and observability across candidate and admin workflows. Fork and customize this diagram on Diagrams.so to adapt the auth flow, add additional IdP providers, or modify RBAC policies for your exam platform requirements.

People also ask

How do you implement secure authentication and role-based access control for a multi-user proctoring platform on OCI?

The RMS Proctoring App architecture uses an Identity Provider and JWT Token Service to authenticate candidates and admins, with a RBAC Policy Engine enforcing role-based access for Proctor, Reviewer, and Admin groups. Session Inheritance Handler manages token refresh and user group assignments, while Spring Boot APIs are protected by JWT Auth Filter and audit logging tracks all access events.