CampusNexus: A Role-Based Multi-College Campus Management System Using Spring Boot and React

Abstract

CampusNexus is a full-stack, web-based multi-college campus management system designed to unify academic administration across heterogeneous roles and institutions under a single, cohesive platform. Built on Spring Boot 4.0.3 with Java 17 and a React 18 frontend using Vite, the system implements a strict Role-Based Access Control (RBAC) model encompassing five primary roles: Campus Administrator, Principal, Head of Department (HOD), Professor, and Student. The platform integrates 88 RESTful API endpoints organized into seven domain-specific controllers, covering college lifecycle management, event management with Stripe payment integration, student submissions, academic broadcast, timetabling, club governance, seminar hall booking, teacher availability, and student progress tracking. Firebase Storage handles file upload operations while Firebase Cloud Messaging (FCM) enables push notifications. JWT-based stateless authentication with token invalidation ensures secure session management. Empirical evaluation on a local PostgreSQL deployment demonstrates sub-200 ms average API response time for single-user requests and graceful degradation up to 100 concurrent users.

Introduction

CampusNexus is a modern, API-driven campus management platform designed to handle the complexity of multi-college administration through a unified digital system. It addresses limitations in existing ERP solutions, which are often costly, monolithic, or lacking in real-time features, role depth, and integrated workflows.

The system introduces a strict five-tier role hierarchy (CAMPUS_ADMIN, PRINCIPAL, HOD, PROFESSOR, STUDENT) enforced using Spring Security and JWT-based authentication. It is built as a modular Spring Boot backend exposing 88 REST APIs, paired with a React 18 frontend that provides role-specific interfaces and optimized state management. Key integrations include Stripe for payments, Firebase for storage and push notifications, and a finite-state machine for structured club approval workflows.

Existing research highlights gaps in current campus systems, such as weak role hierarchies, lack of integrated payment systems, and fragmented communication tools. CampusNexus addresses these by offering a fully integrated, cloud-based, and open architecture solution.

The platform includes major modules such as college and department management, event and club governance, academic tracking, timetable scheduling, seminar hall booking, broadcast notifications, and submission management. Compared to systems like SAP SLM, Oracle PeopleSoft, Fedena, and OpenSIS, CampusNexus stands out for its multi-tenant design, deep RBAC structure, real-time notifications, payment integration, and extensive REST API coverage.

Conclusion

This paper presented CampusNexus, a full-stack multi-college campus management system that addresses six identified limitations of existing solutions: absence of deep role hierarchies, manual payment workflows, fragmented communication, unstructured club governance, limited progress visibility, and siloed file management. The system implements a five-tier RBAC model across 88 REST endpoints, integrates Stripe for event ticketing, Firebase for storage and push notifications, and JWT for stateless authentication with active token invalidation. Experimental results confirm 100% functional test coverage and sub-200 ms response times for up to 50 concurrent users on a commodity development machine. The mathematical model formalizes the RBAC permission mapping, JWT validity predicate, club FSM, and event capacity constraint—providing a rigorous foundation for security reasoning and future formal verification. Future work will address horizontal scaling using Kubernetes, a React Native mobile application, AI-driven timetable generation, an analytics dashboard for CAMPUS_ADMIN, and a formal security audit and penetration testing to validate the RBAC model.

References

[1] S. Alharbi and A. Yousefi, \"ERP Adoption in Saudi Arabian Universities: A Comparative Study,\" Journal of Education and Information Technology, vol. 28, no. 3, pp. 1145–1168, 2023. [2] L. Zhang, H. Wang, and Y. Liu, \"Cloud-Based Student Information System with JWT Authentication for Mobile Clients,\" IEEE Access, vol. 11, pp. 45612–45625, 2023. [3] R. Soni and A. Yadav, \"Design and Implementation of a College Management System using Spring MVC and MySQL,\" International Journal of Computer Applications, vol. 184, no. 22, pp. 1–6, 2022. [4] A. Kumar and P. Singh, \"Integrating Stripe Payment Gateway in Educational Platforms,\" in Proc. IEEE ICCS, pp. 234–240, 2022. [5] N. Patel, M. Shah, and D. Mehta, \"Firebase Realtime Database vs. Firestore for Educational Notifications,\" IJACSA, vol. 14, no. 1, pp. 512–519, 2023. [6] T. Nguyen and V. Le, \"React-Based SPAs in Academic Environments: A Survey of State Management Libraries,\" Journal of Web Engineering, vol. 21, no. 4, pp. 1001–1030, 2022. [7] B. Hossain and T. Islam, \"Role-Based Access Control in Web Applications: A Systematic Review,\" Computers & Security, vol. 118, article 102726, 2022. [8] M. Kaur and H. Singh, \"Comparative Analysis of Campus Management Systems,\" Journal of Emerging Technologies in Learning, vol. 17, no. 8, pp. 45–62, 2022. [9] R. Fielding, Architectural Styles and the Design of Network-based Software Architectures, PhD Thesis, UC Irvine, 2000. [10] P. Sandhu et al., \"Role-Based Access Control Models,\" IEEE Computer, vol. 29, no. 2, pp. 38–47, 1996. [11] O. Zimmermann, \"Microservices Tenets,\" Computer Science - Research and Development, vol. 32, no. 3, pp. 301–310, 2017. [12] Stripe, \"Stripe API Reference v1.\" [Online]. Available: https://stripe.com/docs/api. [Accessed: May 2026]. [13] Google Firebase, \"Firebase Cloud Messaging Overview.\" [Online]. Available: https://firebase.google.com/docs/cloud-messaging. [Accessed: May 2026]. [14] Spring Security Reference Documentation, \"Spring Security 6.x Reference.\" [Online]. Available: https://docs.spring.io/spring-security/reference/. [Accessed: May 2026]. [15] M. Jones, J. Bradley, and N. Sakimura, \"JSON Web Token (JWT),\" RFC 7519, IETF, May 2015.

Copyright

Copyright © 2026 Atharv Survase, Naik Siddhesh , Piyush Mahale, Gandharv Adsare, Ajit Karanjkar. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.