1 / 25

CAS Update Jasig 2011

CAS Update Jasig 2011. Marvin Addison Susan Bramhall Andrew Petro Bill Thompson. CAS Server 3. 3.4 maintenance branch. 3.4.8 tagged, but 3.4.7 latest marketed GA release Bugfix releases LoginTicket restored to protocol compliance. Improve Services Management UI?. CAS 4

bolivar
Télécharger la présentation

CAS Update Jasig 2011

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CAS Update Jasig 2011 Marvin Addison Susan Bramhall Andrew Petro Bill Thompson

  2. CAS Server 3

  3. 3.4 maintenance branch 3.4.8 tagged, but 3.4.7 latest marketed GA release Bugfix releases LoginTicket restored to protocol compliance

  4. Improve Services Management UI?

  5. CAS 4 Goals, Design, and Features Marvin Addison Middleware Services Virginia Tech May 24, 2011

  6. CAS 4 Goals, Design, and Features Goals Multiprotocol support by design CAS protocols SAML 1.1 and SAML 2 OpenID Support important/emerging use cases User messaging (e.g. password expiration) Multi-factor authentication Federation Add extension points with richer APIs

  7. CAS 4 Goals, Design, and Features Change Hurts

  8. CAS 4 Goals, Design, and Features Component Name Changes

  9. CAS 4 Goals, Design, and Features Name Change Rationale Concise, accurate names clarify the API Names distill common features of all (planned) protocols Avoid overloading names (e.g. Ticket) Name implied but important concepts (e.g. Access)

  10. CAS 4 Goals, Design, and Features Richer Component Interfaces Core layers remain same Authentication Ticket (Session) management Service management Layers exchange *Request/*Response messages Factories help tame dependencies

  11. CAS 4 Goals, Design, and Features Login Example SWF CntrAuthSvc LoginRequest POST Credentials LoginResponse AuthenticationRequest AuthenticationResponse AuthenticationManager

  12. CAS 4 Goals, Design, and Features What Can We Do With It?

  13. CAS 4 Goals, Design, and Features Password Expiration Warnings Two key API components collaborate GeneralSecurityExceptionTranslator LoginResponse MicrosoftActiveDirectoryGeneralSecurityExceptionTranslator translates LDAP exception for password expired into CredentialExpiredException LoginResponse#getGeneralSecurityExceptions() available to view layer for user display

  14. CAS 4 Goals, Design, and Features Multifactor Authentication Key enablers are support for multiple credentials in LoginRequest and storage of multiple authn exeptions in LoginResponse The Map<Credential, GeneralSecurityException> is fundamentally important for SWF processing and user interaction Details of user interaction (e.g. how to upgrade existing credential) not well understood

  15. CAS 4 Goals, Design, and Features Work in Progress CAS 4 is undergoing active development We MUST get new APIs right Peer review and collaboration essential to success – is your use case covered? Feedback welcome on cas-dev@lists.jasig.org https://source.jasig.org/cas3/trunk

  16. Client Libraries

  17. CAS Clients – Official Acegi (Spring Security) CAS Client for Java 3.0/3.1 mod_auth_cas (Apache) PhpCAS .NET CAS Client (almost official...) Official Clients Generally being actively developed and maintained. Likely to get support on the cas-user list.

  18. CAS Clients – Unofficial .Net Http module ASP.NET Forms Authentication AuthCAS CAS + Seam Web Applications CASP Adds CAS Logic to an ASP.NET App CAS Proxying with ASP.Net Forms Authentication CherryPy CAS Client ColdFusion CAS Client Component ColdFusion client script Google Web Toolkit - GWT CAS Client jAPS 2.0 CAS Client mod_python auth module Perl Client Prado client Pycas Ruby on Rails CAS Client Seraph as CAS Client Soulwing CAS Client Soulwing Java CAS Client Symfony CAS Client VBScript Virginia Tech CAS Clients WebObjects Client https://wiki.jasig.org/display/CASC/Unofficial+CAS+Clients Unofficial Clients Essentially all of the clients people have let us know about, that may or may not be in active development anymore, and may solve a niche need. You should use these at your own risk. Many are excellent clients, but may no longer be supported any more. Others are purely theoretical examples of of how a client would function.

  19. CAS Clients – Incubating .NET CAS Client (almost official...) CASBar – Toolbar for Firefox 2 Official Clients Incubating Clients are new clients that are under development, and which may become official clients. They're up-and-coming clients that we're paying attention to, have petitioned the Steering Committee to become official clients, and often have active members on cas-user.

  20. CAS Clients – Legacy Yale CAS Client Apache Module PAM PL/SQL Legacy Clients In many cases, no longer actively developed, but still function quite well (i.e. the PAM module). In other cases, they've been superseded by newer clients (i.e. The Jasig CAS Client for Java). You will still find many people on cas-user who are familiar with these modules, but many have migrated to the newer code.

  21. CAS Clients – CASifying Apps Apache OFBiz Joomla 1.5 OpenCms OpenReports SharePoint & ASP.NET Web Sites WebAdvisor Confluence as CAS Client EZPublish Fisheye and Crucible Oracle Calendar web client with mod_cas Oracle Portal Oracle 11i applications qmail-ldap+webmail Mediawiki (with phpCAS) Outlook Web Access 2 PeopleSoft phpBB3 (phpBB v3) phpGroupware Sakai Sun Identity Manager Tomcat Manager Roller weblogger Tomcat uPortal Client WordPress Client Zimbra Zope client https://wiki.jasig.org/display/CASC/CASifying+Applications CASifying Apps Describes some unofficial instructions, many contributed by users, on how to CASify particular applications.

  22. CAS Clients – CASified Apps uPortal Mantis pNews Sympa TikiWiki Mule Claroline Moodle Liferay Portal ILIAS Learning Management Chamilo Simply Voting BlueSocket https://wiki.jasig.org/display/CASC/CASifying+Applications CASified Apps Project / Vendor maintained CAS integration. Works out-out-of-the-box!

  23. Documentation

  24. Your feedback / Discussion / Questions

  25. CAS 4 Goals, Design, and Features Questions

More Related