SlideShare a Scribd company logo

Latest CAS News 2014

Misagh Moayyed
Misagh Moayyed

This document summarizes a presentation about the latest releases of the Central Authentication Service (CAS). The presentation covers CAS versions 3.4, 3.5, and 4, new security releases, addons and clients, and integrating CAS with Shibboleth. It also introduces the presenter, Misagh Moayyed, and his company Unicon's support for open source CAS projects.

SoftwareTechnologyEducation
1 of 33
Download to read offline
Open Apereo - June 1-4 2014 The Latest about the Central Authentication Service Misagh Moayyed mmoayyed@unicon.net
 Introduction  CAS 3.4/3.5 Security Releases  CAS 4  CAS Addons  CAS Clients  CAS and Shibboleth  Questions and Discussion Open Apereo - June 1-4 2014
This session will summarize the achievements in the latest available Central Authentication Service server product and client library releases and available plugins and enhancements in the community around CAS. Open Apereo - June 1-4 2014
 Sunday: ◦ CAS & Shibboleth for Enterprise WebSSO  Monday: ◦ Latest about the Central Authentication Service ◦ To CAS 3 and beyond: The story of a CAS upgrade  Tuesday: ◦ A tale of two factors: 2FA authentication with CAS ◦ How to CASify PeopleSoft; Integrating CAS and ADFS  Wednesday: ◦ Creating a Customizable Dynamic CAS Theme ◦ CAS implementation at Oakland University Open Apereo - June 1-4 2014
 CAS Committer and PMC member  3 years with Unicon; 5 years with JasigApereo  Technical lead for Unicon’s Open Source Support for CAS Open Apereo - June 1-4 2014 https://twitter.com/misagh84 https://github.com/mmoayyed mmoayyed@unicon.net
 Support, services, training, managed services and custom projects on and around enterprise open source in and around higher education  Identity and Access Management team working with CAS, Shibboleth, Grouper, OpenRegistry, …  Open Source Support for CAS, Shibboleth, Grouper, Sakai, uPortal, uMobile, SSP, … Open Apereo - June 1-4 2014
 Free and open source enterprise single sign-on for the web  Open well-documented protocol  Java server software; plethora of client libraries Open Apereo - June 1-4 2014
Open Apereo - June 1-4 2014
Open Apereo - June 1-4 2014  Recommended method to deploy CAS  Local source control (Git? GitHub?) with only your custom CAS recipe (in pom.xml) and your customizations and configuration  Maven overlay builds this on top of specified CAS server version  https://github.com/Unicon/unicon-cas-overlay
Open Apereo - June 1-4 2014
Open Apereo - June 1-4 2014 CAS Security Releases
 Backward-compatible security releases: v3.5.2.1 and v3.4.12.1  Patch for SAML 2/Google Accounts integration components  You SHOULD upgrade immediately, if you have enabled Google Apps support for CAS Open Apereo - June 1-4 2014
Open Apereo - June 1-4 2014 CAS4
 Current stable major release  Improvements include: ◦ CAS protocol v3 release ◦ Build/Documentation improvements ◦ Greater modularity ◦ Redesigned authentication APIs ◦ Many more…  The release is NOT backward-compatible with 3.5.x! Open Apereo - June 1-4 2014
 First commit on Feb 26th 2013  4 RCs; GA release on May 7th 2014  165 resolved JIRA issues  181 closed pull requests  900 git commits  7 committers; 17 contributors Open Apereo - June 1-4 2014
 New: ◦ User attributes in ticket validation response ◦ Strengthen proxy callback failure response ◦ authenticationDate, memberOf, isFromNewLogin attributes  Improved: ◦ Inclusion of Single Logout ◦ Inclusion of /samlValidate endpoint ◦ Compliant with common community practices Open Apereo - June 1-4 2014
Open Apereo - June 1-4 2014
 Build and Deployment ◦ Using Travis CI for internal builds ◦ Auto-deployment of Javadocs and reports ◦ Maven WAR Overlay for deployments  Documentation ◦ GitHub Pages site: http://jasig.github.io/cas/  Demos on Heroku ◦ CAS WebApp: https://jasigcas.herokuapp.com ◦ Mgmt Webapp: https://jasigcasmgmt.herokuapp.com Open Apereo - June 1-4 2014
 New AuthN API to support MFA  New /p3/serviceValidate endpoint for user attributes  New submodules for SAML, Management, OAuth, …  Dependency upgrades  LDAP AuthN and Password Policy improvements  User Attribute Filters  Front-channel Logout  Disallow Empty Service Registry  English as Default Locale  JS File in Themes  Language Bundle updates  Default Proxy AuthN set to Off  Many more… Open Apereo - June 1-4 2014
Open Apereo - June 1-4 2014  “uid != password”  The default credentials are: casuser/Mellon
Open Apereo - June 1-4 2014  Pick a latest version (4.0.0)  Add your skin/brand  Add your configuration ◦ How do users authenticate? ◦ Where do user attributes come from? ◦ Which applications are allowed to use CAS?  Build, test, deploy
 CAS v4.1: Discussion ongoing ◦ 20+ JIRAs already resolved! ◦ Join the @cas-dev mailing list  CAS AppSec Working Group: ◦ https://wiki.jasig.org/display/CAS/CAS+App Sec+Working+Group  New Committer: Robert Oschwald Open Apereo - June 1-4 2014
Open Apereo - June 1-4 2014 CAS Addons
Open Apereo - June 1-4 2014  Free, open source extensions for CAS  Latest stable release: v1.11.1  Include in Maven Overlays:  Available at: https://github.com/Unicon/cas-addons
Open Apereo - June 1-4 2014  Compatible with CAS v3.5.2.1  HazelcastTicketRegistry  ReadWriteJsonServiceRegistryDao  v2.x in development; support for CAS4  See more at: ◦ https://github.com/Unicon/cas-addons/wiki
Open Apereo - June 1-4 2014 CAS Clients
 Features include: ◦ URL exclusion patterns for the AuthN filter ◦ Support for default ports in service URLs ◦ Return AuthN instant from SAML response ◦ Disallow misconfiguration of forced AuthN ◦ Disallow empty proxy chains for ClearPass  v3.4.0 is in development Open Apereo - June 1-4 2014
 CAS client for Play 2.x framework: ◦ https://github.com/leleuj/play-pac4j ◦ Support for CAS, OAuth, OpenId, HTTP, SAML  CAS support for Ratpack toolkit: ◦ https://github.com/ratpack/ratpack/tree/master/r atpack-pac4j Open Apereo - June 1-4 2014
Open Apereo - June 1-4 2014 CAS and Shibboleth
 CAS AuthN plugin for Shibboleth IdP  Custom CasLoginHandler  Externalized configuration file  Easier to deploy and configure ◦ No session sharing requirement!  Available at: https://github.com/Unicon/shib-cas-authn2 Open Apereo - June 1-4 2014
 Shibboleth IdP v2.4.0 Installer: ◦ Preconfigured with Shib-CAS AuthN v2 ◦ Preconfigured with InCommon Metadata ◦ Preconfigured with TestShib’s SP Metadata  Available at: https://github.com/Unicon/unicon- shibboleth-idp-template Open Apereo - June 1-4 2014
 If you don’t have SSO: ◦ Implement CAS4; available today  If you have CAS: ◦ Upgrade your Maven overlays  If you have Shibboleth: ◦ Integrate using the shib-cas-authn2 module  If you need help: ◦ Unicon OSS program: http://www.unicon.net/support Open Apereo - June 1-4 2014
Open Apereo - June 1-4 2014 https://twitter.com/misagh84 https://github.com/mmoayyed mmoayyed@unicon.net

Recommended

Central Authentication Service
Central Authentication ServiceCentral Authentication Service
Central Authentication Serviceizzln
 
Clustering Multiple Instances in Cold Fusion
Clustering Multiple Instances in Cold FusionClustering Multiple Instances in Cold Fusion
Clustering Multiple Instances in Cold FusionMindfire Solutions
 
Winning the Lottery with Spring: A Microservices Case Study for the Dutch Lot...
Winning the Lottery with Spring: A Microservices Case Study for the Dutch Lot...Winning the Lottery with Spring: A Microservices Case Study for the Dutch Lot...
Winning the Lottery with Spring: A Microservices Case Study for the Dutch Lot...VMware Tanzu
 
Intro to the Alfresco Public API
Intro to the Alfresco Public APIIntro to the Alfresco Public API
Intro to the Alfresco Public APIJeff Potts
 
OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)Folio3 Software
 
Building microservices sample application
Building microservices sample applicationBuilding microservices sample application
Building microservices sample applicationAnil Allewar
 
Testing Microservices
Testing MicroservicesTesting Microservices
Testing MicroservicesAnil Allewar
 
ASP.NET: Present and future
ASP.NET: Present and futureASP.NET: Present and future
ASP.NET: Present and futureHrvoje Hudoletnjak
 

Recommended

Central Authentication Service
Central Authentication ServiceCentral Authentication Service
Central Authentication Serviceizzln
 
Clustering Multiple Instances in Cold Fusion
Clustering Multiple Instances in Cold FusionClustering Multiple Instances in Cold Fusion
Clustering Multiple Instances in Cold FusionMindfire Solutions
 
Winning the Lottery with Spring: A Microservices Case Study for the Dutch Lot...
Winning the Lottery with Spring: A Microservices Case Study for the Dutch Lot...Winning the Lottery with Spring: A Microservices Case Study for the Dutch Lot...
Winning the Lottery with Spring: A Microservices Case Study for the Dutch Lot...VMware Tanzu
 
Intro to the Alfresco Public API
Intro to the Alfresco Public APIIntro to the Alfresco Public API
Intro to the Alfresco Public APIJeff Potts
 
OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)OWIN (Open Web Interface for .NET)
OWIN (Open Web Interface for .NET)Folio3 Software
 
Building microservices sample application
Building microservices sample applicationBuilding microservices sample application
Building microservices sample applicationAnil Allewar
 
Testing Microservices
Testing MicroservicesTesting Microservices
Testing MicroservicesAnil Allewar
 
ASP.NET: Present and future
ASP.NET: Present and futureASP.NET: Present and future
ASP.NET: Present and futureHrvoje Hudoletnjak
 
Web api
Web apiWeb api
Web apiSudhakar Sharma
 
Hidden Gems in ColdFusion 2016
Hidden Gems in ColdFusion 2016Hidden Gems in ColdFusion 2016
Hidden Gems in ColdFusion 2016ColdFusionConference
 
Become a Security Rockstar with ColdFusion 2016
Become a Security Rockstar with ColdFusion 2016Become a Security Rockstar with ColdFusion 2016
Become a Security Rockstar with ColdFusion 2016ColdFusionConference
 
Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019
Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019
Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019Matt Raible
 
DEV208 - ASP.NET MVC 5 新功能探索
DEV208 - ASP.NET MVC 5 新功能探索DEV208 - ASP.NET MVC 5 新功能探索
DEV208 - ASP.NET MVC 5 新功能探索Will Huang
 
Mini-Training Owin Katana
Mini-Training Owin KatanaMini-Training Owin Katana
Mini-Training Owin KatanaBetclic Everest Group Tech Team
 
Cloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment WorkshopCloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment WorkshopManuel Garcia
 
Alfresco 5.0 Technology Review
Alfresco 5.0 Technology ReviewAlfresco 5.0 Technology Review
Alfresco 5.0 Technology ReviewZia Consulting
 
Hosting a website on IIS Server
Hosting a website on IIS ServerHosting a website on IIS Server
Hosting a website on IIS ServerDinesh Vasamshetty
 
Asec r01-resting-on-your-laurels-will-get-you-pwned
Asec r01-resting-on-your-laurels-will-get-you-pwnedAsec r01-resting-on-your-laurels-will-get-you-pwned
Asec r01-resting-on-your-laurels-will-get-you-pwnedDinis Cruz
 
C# ASP.NET WEB API APPLICATION DEVELOPMENT
C# ASP.NET WEB API APPLICATION DEVELOPMENTC# ASP.NET WEB API APPLICATION DEVELOPMENT
C# ASP.NET WEB API APPLICATION DEVELOPMENTDr. Awase Khirni Syed
 
Test first
Test firstTest first
Test firstRyan Riley
 
Single page apps_with_cf_and_angular[1]
Single page apps_with_cf_and_angular[1]Single page apps_with_cf_and_angular[1]
Single page apps_with_cf_and_angular[1]ColdFusionConference
 
Managing an OSGi Framework with Apache Felix Web Console
Managing an OSGi Framework with Apache Felix Web ConsoleManaging an OSGi Framework with Apache Felix Web Console
Managing an OSGi Framework with Apache Felix Web ConsoleFelix Meschberger
 
Build sites on iis
Build sites on iisBuild sites on iis
Build sites on iisPaul Davis
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016Chris Gates
 
Is Drupal secure?
Is Drupal secure?Is Drupal secure?
Is Drupal secure?Four Kitchens
 
Vaadin NYC Meetup
Vaadin NYC MeetupVaadin NYC Meetup
Vaadin NYC MeetupMarcus Hellberg
 
Microservices - java ee vs spring boot and spring cloud
Microservices - java ee vs spring boot and spring cloudMicroservices - java ee vs spring boot and spring cloud
Microservices - java ee vs spring boot and spring cloudBen Wilcock
 
Vaadin 7 by Joonas Lehtinen
Vaadin 7 by Joonas LehtinenVaadin 7 by Joonas Lehtinen
Vaadin 7 by Joonas LehtinenCodemotion
 
What's next for Apereo?
What's next for Apereo?What's next for Apereo?
What's next for Apereo?Ian Dolphin
 
Japan Sakai Conference Presentation - March 2011
Japan Sakai Conference Presentation - March 2011Japan Sakai Conference Presentation - March 2011
Japan Sakai Conference Presentation - March 2011Ian Dolphin
 

More Related Content

What's hot

Become a Security Rockstar with ColdFusion 2016
Become a Security Rockstar with ColdFusion 2016Become a Security Rockstar with ColdFusion 2016
Become a Security Rockstar with ColdFusion 2016ColdFusionConference
 
Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019
Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019
Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019Matt Raible
 
DEV208 - ASP.NET MVC 5 新功能探索
DEV208 - ASP.NET MVC 5 新功能探索DEV208 - ASP.NET MVC 5 新功能探索
DEV208 - ASP.NET MVC 5 新功能探索Will Huang
 
Cloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment WorkshopCloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment WorkshopManuel Garcia
 
Alfresco 5.0 Technology Review
Alfresco 5.0 Technology ReviewAlfresco 5.0 Technology Review
Alfresco 5.0 Technology ReviewZia Consulting
 
Hosting a website on IIS Server
Hosting a website on IIS ServerHosting a website on IIS Server
Hosting a website on IIS ServerDinesh Vasamshetty
 
Asec r01-resting-on-your-laurels-will-get-you-pwned
Asec r01-resting-on-your-laurels-will-get-you-pwnedAsec r01-resting-on-your-laurels-will-get-you-pwned
Asec r01-resting-on-your-laurels-will-get-you-pwnedDinis Cruz
 
C# ASP.NET WEB API APPLICATION DEVELOPMENT
C# ASP.NET WEB API APPLICATION DEVELOPMENTC# ASP.NET WEB API APPLICATION DEVELOPMENT
C# ASP.NET WEB API APPLICATION DEVELOPMENTDr. Awase Khirni Syed
 
Single page apps_with_cf_and_angular[1]
Single page apps_with_cf_and_angular[1]Single page apps_with_cf_and_angular[1]
Single page apps_with_cf_and_angular[1]ColdFusionConference
 
Managing an OSGi Framework with Apache Felix Web Console
Managing an OSGi Framework with Apache Felix Web ConsoleManaging an OSGi Framework with Apache Felix Web Console
Managing an OSGi Framework with Apache Felix Web ConsoleFelix Meschberger
 
Build sites on iis
Build sites on iisBuild sites on iis
Build sites on iisPaul Davis
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016Chris Gates
 
Microservices - java ee vs spring boot and spring cloud
Microservices - java ee vs spring boot and spring cloudMicroservices - java ee vs spring boot and spring cloud
Microservices - java ee vs spring boot and spring cloudBen Wilcock
 
Vaadin 7 by Joonas Lehtinen
Vaadin 7 by Joonas LehtinenVaadin 7 by Joonas Lehtinen
Vaadin 7 by Joonas LehtinenCodemotion
 

What's hot (20)

Web api
Web apiWeb api
Web api
 
Hidden Gems in ColdFusion 2016
Hidden Gems in ColdFusion 2016Hidden Gems in ColdFusion 2016
Hidden Gems in ColdFusion 2016
 
Become a Security Rockstar with ColdFusion 2016
Become a Security Rockstar with ColdFusion 2016Become a Security Rockstar with ColdFusion 2016
Become a Security Rockstar with ColdFusion 2016
 
Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019
Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019
Java Microservices with Spring Boot and Spring Cloud - Denver JUG 2019
 
DEV208 - ASP.NET MVC 5 新功能探索
DEV208 - ASP.NET MVC 5 新功能探索DEV208 - ASP.NET MVC 5 新功能探索
DEV208 - ASP.NET MVC 5 新功能探索
 
Mini-Training Owin Katana
Mini-Training Owin KatanaMini-Training Owin Katana
Mini-Training Owin Katana
 
Cloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment WorkshopCloud Foundry: Hands-on Deployment Workshop
Cloud Foundry: Hands-on Deployment Workshop
 
Alfresco 5.0 Technology Review
Alfresco 5.0 Technology ReviewAlfresco 5.0 Technology Review
Alfresco 5.0 Technology Review
 
Hosting a website on IIS Server
Hosting a website on IIS ServerHosting a website on IIS Server
Hosting a website on IIS Server
 
Asec r01-resting-on-your-laurels-will-get-you-pwned
Asec r01-resting-on-your-laurels-will-get-you-pwnedAsec r01-resting-on-your-laurels-will-get-you-pwned
Asec r01-resting-on-your-laurels-will-get-you-pwned
 
C# ASP.NET WEB API APPLICATION DEVELOPMENT
C# ASP.NET WEB API APPLICATION DEVELOPMENTC# ASP.NET WEB API APPLICATION DEVELOPMENT
C# ASP.NET WEB API APPLICATION DEVELOPMENT
 
Test first
Test firstTest first
Test first
 
Single page apps_with_cf_and_angular[1]
Single page apps_with_cf_and_angular[1]Single page apps_with_cf_and_angular[1]
Single page apps_with_cf_and_angular[1]
 
Managing an OSGi Framework with Apache Felix Web Console
Managing an OSGi Framework with Apache Felix Web ConsoleManaging an OSGi Framework with Apache Felix Web Console
Managing an OSGi Framework with Apache Felix Web Console
 
Build sites on iis
Build sites on iisBuild sites on iis
Build sites on iis
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
 
Is Drupal secure?
Is Drupal secure?Is Drupal secure?
Is Drupal secure?
 
Vaadin NYC Meetup
Vaadin NYC MeetupVaadin NYC Meetup
Vaadin NYC Meetup
 
Microservices - java ee vs spring boot and spring cloud
Microservices - java ee vs spring boot and spring cloudMicroservices - java ee vs spring boot and spring cloud
Microservices - java ee vs spring boot and spring cloud
 
Vaadin 7 by Joonas Lehtinen
Vaadin 7 by Joonas LehtinenVaadin 7 by Joonas Lehtinen
Vaadin 7 by Joonas Lehtinen
 

Viewers also liked

What's next for Apereo?
What's next for Apereo?What's next for Apereo?
What's next for Apereo?Ian Dolphin
 
Japan Sakai Conference Presentation - March 2011
Japan Sakai Conference Presentation - March 2011Japan Sakai Conference Presentation - March 2011
Japan Sakai Conference Presentation - March 2011Ian Dolphin
 
Introducing Apereo: Presentation to the PESC Fall Data Summit, September 2013
Introducing Apereo: Presentation to the PESC Fall Data Summit, September 2013Introducing Apereo: Presentation to the PESC Fall Data Summit, September 2013
Introducing Apereo: Presentation to the PESC Fall Data Summit, September 2013Ian Dolphin
 
Apereo CAS: State of the Project
Apereo CAS: State of the ProjectApereo CAS: State of the Project
Apereo CAS: State of the ProjectMisagh Moayyed
 
A tale of two factors: MFA with CAS
A tale of two factors: MFA with CASA tale of two factors: MFA with CAS
A tale of two factors: MFA with CASMisagh Moayyed
 
Getting Started with CAS
Getting Started with CASGetting Started with CAS
Getting Started with CASMisagh Moayyed
 
Improving MySQL performance with Hadoop
Improving MySQL performance with HadoopImproving MySQL performance with Hadoop
Improving MySQL performance with HadoopSagar Jauhari
 

Viewers also liked (8)

What's next for Apereo?
What's next for Apereo?What's next for Apereo?
What's next for Apereo?
 
Japan Sakai Conference Presentation - March 2011
Japan Sakai Conference Presentation - March 2011Japan Sakai Conference Presentation - March 2011
Japan Sakai Conference Presentation - March 2011
 
Introducing Apereo: Presentation to the PESC Fall Data Summit, September 2013
Introducing Apereo: Presentation to the PESC Fall Data Summit, September 2013Introducing Apereo: Presentation to the PESC Fall Data Summit, September 2013
Introducing Apereo: Presentation to the PESC Fall Data Summit, September 2013
 
CAS MFA 2014 Update
CAS MFA 2014 UpdateCAS MFA 2014 Update
CAS MFA 2014 Update
 
Apereo CAS: State of the Project
Apereo CAS: State of the ProjectApereo CAS: State of the Project
Apereo CAS: State of the Project
 
A tale of two factors: MFA with CAS
A tale of two factors: MFA with CASA tale of two factors: MFA with CAS
A tale of two factors: MFA with CAS
 
Getting Started with CAS
Getting Started with CASGetting Started with CAS
Getting Started with CAS
 
Improving MySQL performance with Hadoop
Improving MySQL performance with HadoopImproving MySQL performance with Hadoop
Improving MySQL performance with Hadoop
 

Similar to Latest CAS News 2014

CAS state of the project: Open Apereo 2015
CAS state of the project: Open Apereo 2015CAS state of the project: Open Apereo 2015
CAS state of the project: Open Apereo 2015Misagh Moayyed
 
Unicon Nov 2014 IAM Briefing
Unicon Nov 2014 IAM BriefingUnicon Nov 2014 IAM Briefing
Unicon Nov 2014 IAM BriefingJohn Gasper
 
ELUNA2014: Developing and Testing an open source web application
ELUNA2014: Developing and Testing an open source web applicationELUNA2014: Developing and Testing an open source web application
ELUNA2014: Developing and Testing an open source web applicationMichael Cummings
 
Azure DevOps Deployment Group
Azure DevOps Deployment GroupAzure DevOps Deployment Group
Azure DevOps Deployment GroupRiwut Libinuko
 
"Esup CAS Packaging" : Deploy and customize easily a CAS4 server
"Esup CAS Packaging" : Deploy and customize easily a CAS4 server"Esup CAS Packaging" : Deploy and customize easily a CAS4 server
"Esup CAS Packaging" : Deploy and customize easily a CAS4 serverLudovic A
 
Unicon July 2015 IAM Briefing
Unicon July 2015 IAM BriefingUnicon July 2015 IAM Briefing
Unicon July 2015 IAM BriefingJohn Gasper
 
REST API 20.2 - Appworks Gateway Integration.pptx
REST API 20.2 - Appworks Gateway Integration.pptxREST API 20.2 - Appworks Gateway Integration.pptx
REST API 20.2 - Appworks Gateway Integration.pptxJason452803
 
Java PaaS Apache Stratos
Java PaaS Apache StratosJava PaaS Apache Stratos
Java PaaS Apache StratosChris Haddad
 
DevOps on AWS: Accelerating Software Delivery with the AWS Developer Tools
DevOps on AWS: Accelerating Software Delivery with the AWS Developer ToolsDevOps on AWS: Accelerating Software Delivery with the AWS Developer Tools
DevOps on AWS: Accelerating Software Delivery with the AWS Developer ToolsAmazon Web Services
 
The Need For Speed - NEBytes
The Need For Speed - NEBytesThe Need For Speed - NEBytes
The Need For Speed - NEBytesPhil Pursglove
 
API Services: Building State-of-the-Art APIs
API Services: Building State-of-the-Art APIsAPI Services: Building State-of-the-Art APIs
API Services: Building State-of-the-Art APIsApigee | Google Cloud
 
Zure Azure PaaS Zero to Hero - DevOps training day
Zure Azure PaaS Zero to Hero - DevOps training dayZure Azure PaaS Zero to Hero - DevOps training day
Zure Azure PaaS Zero to Hero - DevOps training dayOkko Oulasvirta
 
E gov security_tut_session_4_lab
E gov security_tut_session_4_labE gov security_tut_session_4_lab
E gov security_tut_session_4_labMustafa Jarrar
 
20171122 aws usergrp_coretech-spn-cicd-aws-v01
20171122 aws usergrp_coretech-spn-cicd-aws-v0120171122 aws usergrp_coretech-spn-cicd-aws-v01
20171122 aws usergrp_coretech-spn-cicd-aws-v01Scott Miao
 
JCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptxJCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptxGrace Jansen
 
WebCamp HTML5
WebCamp HTML5WebCamp HTML5
WebCamp HTML5davrous
 
WebCamp HTML5
WebCamp HTML5WebCamp HTML5
WebCamp HTML5davrous
 
A Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsA Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsSalman Baset
 
CloudStack 4.1, 4.2 and beyond
CloudStack 4.1, 4.2 and beyondCloudStack 4.1, 4.2 and beyond
CloudStack 4.1, 4.2 and beyondChip Childers
 
Azure News Slides for October2017 - Azure Nights User Group
Azure News Slides for October2017 - Azure Nights User GroupAzure News Slides for October2017 - Azure Nights User Group
Azure News Slides for October2017 - Azure Nights User GroupMichael Frank
 

Similar to Latest CAS News 2014 (20)

CAS state of the project: Open Apereo 2015
CAS state of the project: Open Apereo 2015CAS state of the project: Open Apereo 2015
CAS state of the project: Open Apereo 2015
 
Unicon Nov 2014 IAM Briefing
Unicon Nov 2014 IAM BriefingUnicon Nov 2014 IAM Briefing
Unicon Nov 2014 IAM Briefing
 
ELUNA2014: Developing and Testing an open source web application
ELUNA2014: Developing and Testing an open source web applicationELUNA2014: Developing and Testing an open source web application
ELUNA2014: Developing and Testing an open source web application
 
Azure DevOps Deployment Group
Azure DevOps Deployment GroupAzure DevOps Deployment Group
Azure DevOps Deployment Group
 
"Esup CAS Packaging" : Deploy and customize easily a CAS4 server
"Esup CAS Packaging" : Deploy and customize easily a CAS4 server"Esup CAS Packaging" : Deploy and customize easily a CAS4 server
"Esup CAS Packaging" : Deploy and customize easily a CAS4 server
 
Unicon July 2015 IAM Briefing
Unicon July 2015 IAM BriefingUnicon July 2015 IAM Briefing
Unicon July 2015 IAM Briefing
 
REST API 20.2 - Appworks Gateway Integration.pptx
REST API 20.2 - Appworks Gateway Integration.pptxREST API 20.2 - Appworks Gateway Integration.pptx
REST API 20.2 - Appworks Gateway Integration.pptx
 
Java PaaS Apache Stratos
Java PaaS Apache StratosJava PaaS Apache Stratos
Java PaaS Apache Stratos
 
DevOps on AWS: Accelerating Software Delivery with the AWS Developer Tools
DevOps on AWS: Accelerating Software Delivery with the AWS Developer ToolsDevOps on AWS: Accelerating Software Delivery with the AWS Developer Tools
DevOps on AWS: Accelerating Software Delivery with the AWS Developer Tools
 
The Need For Speed - NEBytes
The Need For Speed - NEBytesThe Need For Speed - NEBytes
The Need For Speed - NEBytes
 
API Services: Building State-of-the-Art APIs
API Services: Building State-of-the-Art APIsAPI Services: Building State-of-the-Art APIs
API Services: Building State-of-the-Art APIs
 
Zure Azure PaaS Zero to Hero - DevOps training day
Zure Azure PaaS Zero to Hero - DevOps training dayZure Azure PaaS Zero to Hero - DevOps training day
Zure Azure PaaS Zero to Hero - DevOps training day
 
E gov security_tut_session_4_lab
E gov security_tut_session_4_labE gov security_tut_session_4_lab
E gov security_tut_session_4_lab
 
20171122 aws usergrp_coretech-spn-cicd-aws-v01
20171122 aws usergrp_coretech-spn-cicd-aws-v0120171122 aws usergrp_coretech-spn-cicd-aws-v01
20171122 aws usergrp_coretech-spn-cicd-aws-v01
 
JCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptxJCON_15FactorWorkshop.pptx
JCON_15FactorWorkshop.pptx
 
WebCamp HTML5
WebCamp HTML5WebCamp HTML5
WebCamp HTML5
 
WebCamp HTML5
WebCamp HTML5WebCamp HTML5
WebCamp HTML5
 
A Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsA Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container Platforms
 
CloudStack 4.1, 4.2 and beyond
CloudStack 4.1, 4.2 and beyondCloudStack 4.1, 4.2 and beyond
CloudStack 4.1, 4.2 and beyond
 
Azure News Slides for October2017 - Azure Nights User Group
Azure News Slides for October2017 - Azure Nights User GroupAzure News Slides for October2017 - Azure Nights User Group
Azure News Slides for October2017 - Azure Nights User Group
 

More from Misagh Moayyed

Apereo Foundation Fast Interview with CAS Chairman, Misagh Moayyed
Apereo Foundation Fast Interview with CAS Chairman, Misagh MoayyedApereo Foundation Fast Interview with CAS Chairman, Misagh Moayyed
Apereo Foundation Fast Interview with CAS Chairman, Misagh MoayyedMisagh Moayyed
 
Building Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresBuilding Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresMisagh Moayyed
 
Apereo CAS 2020 - ESUP Days #31
Apereo CAS 2020 - ESUP Days #31Apereo CAS 2020 - ESUP Days #31
Apereo CAS 2020 - ESUP Days #31Misagh Moayyed
 
Apereo 2017 - Lightening Talk
Apereo 2017 - Lightening TalkApereo 2017 - Lightening Talk
Apereo 2017 - Lightening TalkMisagh Moayyed
 
CAS Project Status 2017
CAS Project Status 2017CAS Project Status 2017
CAS Project Status 2017Misagh Moayyed
 
CAS 5 Apereo Workshop 2017
CAS 5 Apereo Workshop 2017CAS 5 Apereo Workshop 2017
CAS 5 Apereo Workshop 2017Misagh Moayyed
 
Apereo CAS: State of the Project 2018
Apereo CAS: State of the Project 2018Apereo CAS: State of the Project 2018
Apereo CAS: State of the Project 2018Misagh Moayyed
 
CAS State of the Project 2016
CAS State of the Project 2016CAS State of the Project 2016
CAS State of the Project 2016Misagh Moayyed
 
What’s new in cas 4.2
What’s new in cas 4.2 What’s new in cas 4.2
What’s new in cas 4.2 Misagh Moayyed
 
OpenId Connect in Shibboleth Identity Provider
OpenId Connect in Shibboleth Identity ProviderOpenId Connect in Shibboleth Identity Provider
OpenId Connect in Shibboleth Identity ProviderMisagh Moayyed
 
February 13th, 2014 - Unicon IAM Webinar Update
February 13th, 2014 - Unicon IAM Webinar UpdateFebruary 13th, 2014 - Unicon IAM Webinar Update
February 13th, 2014 - Unicon IAM Webinar UpdateMisagh Moayyed
 

More from Misagh Moayyed (15)

Apereo Foundation Fast Interview with CAS Chairman, Misagh Moayyed
Apereo Foundation Fast Interview with CAS Chairman, Misagh MoayyedApereo Foundation Fast Interview with CAS Chairman, Misagh Moayyed
Apereo Foundation Fast Interview with CAS Chairman, Misagh Moayyed
 
Building Open Source Identity Infrastructures
Building Open Source Identity InfrastructuresBuilding Open Source Identity Infrastructures
Building Open Source Identity Infrastructures
 
FOSSASIA 2021 - CAS
FOSSASIA 2021 - CASFOSSASIA 2021 - CAS
FOSSASIA 2021 - CAS
 
Apereo CAS 2020 - ESUP Days #31
Apereo CAS 2020 - ESUP Days #31Apereo CAS 2020 - ESUP Days #31
Apereo CAS 2020 - ESUP Days #31
 
Apereo CAS 2019
Apereo CAS 2019Apereo CAS 2019
Apereo CAS 2019
 
Apereo 2017 - Lightening Talk
Apereo 2017 - Lightening TalkApereo 2017 - Lightening Talk
Apereo 2017 - Lightening Talk
 
CAS Project Status 2017
CAS Project Status 2017CAS Project Status 2017
CAS Project Status 2017
 
CAS 5 Apereo Workshop 2017
CAS 5 Apereo Workshop 2017CAS 5 Apereo Workshop 2017
CAS 5 Apereo Workshop 2017
 
Apereo CAS: State of the Project 2018
Apereo CAS: State of the Project 2018Apereo CAS: State of the Project 2018
Apereo CAS: State of the Project 2018
 
CAS State of the Project 2016
CAS State of the Project 2016CAS State of the Project 2016
CAS State of the Project 2016
 
What’s new in cas 4.2
What’s new in cas 4.2 What’s new in cas 4.2
What’s new in cas 4.2
 
OpenId Connect in Shibboleth Identity Provider
OpenId Connect in Shibboleth Identity ProviderOpenId Connect in Shibboleth Identity Provider
OpenId Connect in Shibboleth Identity Provider
 
CAS IU Presentation
CAS IU PresentationCAS IU Presentation
CAS IU Presentation
 
Cas iu-pres
Cas iu-presCas iu-pres
Cas iu-pres
 
February 13th, 2014 - Unicon IAM Webinar Update
February 13th, 2014 - Unicon IAM Webinar UpdateFebruary 13th, 2014 - Unicon IAM Webinar Update
February 13th, 2014 - Unicon IAM Webinar Update
 

Recently uploaded

Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...OnePlan Solutions
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogueitservices996
 
Zer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfZer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfmaor17
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingShane Coughlan
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...Bert Jan Schrijver
 
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptxThe Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptxRTS corp
 
Mastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxMastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxAS Design & AST.
 
What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesVictoriaMetrics
 
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...kalichargn70th171
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorTier1 app
 
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jGraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jNeo4j
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptxVinzoCenzo
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITmanoharjgpsolutions
 
Keeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldKeeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldRoberto Pérez Alcolea
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsJean Silva
 
2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shardsChristopher Curtin
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonApplitools
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesKrzysztofKkol1
 
SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?Alexandre Beguel
 

Recently uploaded (20)

Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogue
 
Zer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfZer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdf
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
 
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptxThe Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
 
Mastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxMastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptx
 
What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 Updates
 
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryError
 
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4jGraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
GraphSummit Madrid - Product Vision and Roadmap - Luis Salvador Neo4j
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptx
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh IT
 
Keeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldKeeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository world
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero results
 
2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
 
SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?
 

Latest CAS News 2014

  • 1. Open Apereo - June 1-4 2014 The Latest about the Central Authentication Service Misagh Moayyed mmoayyed@unicon.net
  • 2.  Introduction  CAS 3.4/3.5 Security Releases  CAS 4  CAS Addons  CAS Clients  CAS and Shibboleth  Questions and Discussion Open Apereo - June 1-4 2014
  • 3. This session will summarize the achievements in the latest available Central Authentication Service server product and client library releases and available plugins and enhancements in the community around CAS. Open Apereo - June 1-4 2014
  • 4.  Sunday: ◦ CAS & Shibboleth for Enterprise WebSSO  Monday: ◦ Latest about the Central Authentication Service ◦ To CAS 3 and beyond: The story of a CAS upgrade  Tuesday: ◦ A tale of two factors: 2FA authentication with CAS ◦ How to CASify PeopleSoft; Integrating CAS and ADFS  Wednesday: ◦ Creating a Customizable Dynamic CAS Theme ◦ CAS implementation at Oakland University Open Apereo - June 1-4 2014
  • 5.  CAS Committer and PMC member  3 years with Unicon; 5 years with JasigApereo  Technical lead for Unicon’s Open Source Support for CAS Open Apereo - June 1-4 2014 https://twitter.com/misagh84 https://github.com/mmoayyed mmoayyed@unicon.net
  • 6.  Support, services, training, managed services and custom projects on and around enterprise open source in and around higher education  Identity and Access Management team working with CAS, Shibboleth, Grouper, OpenRegistry, …  Open Source Support for CAS, Shibboleth, Grouper, Sakai, uPortal, uMobile, SSP, … Open Apereo - June 1-4 2014
  • 7.  Free and open source enterprise single sign-on for the web  Open well-documented protocol  Java server software; plethora of client libraries Open Apereo - June 1-4 2014
  • 8. Open Apereo - June 1-4 2014
  • 9. Open Apereo - June 1-4 2014  Recommended method to deploy CAS  Local source control (Git? GitHub?) with only your custom CAS recipe (in pom.xml) and your customizations and configuration  Maven overlay builds this on top of specified CAS server version  https://github.com/Unicon/unicon-cas-overlay
  • 10. Open Apereo - June 1-4 2014
  • 11. Open Apereo - June 1-4 2014 CAS Security Releases
  • 12.  Backward-compatible security releases: v3.5.2.1 and v3.4.12.1  Patch for SAML 2/Google Accounts integration components  You SHOULD upgrade immediately, if you have enabled Google Apps support for CAS Open Apereo - June 1-4 2014
  • 13. Open Apereo - June 1-4 2014 CAS4
  • 14.  Current stable major release  Improvements include: ◦ CAS protocol v3 release ◦ Build/Documentation improvements ◦ Greater modularity ◦ Redesigned authentication APIs ◦ Many more…  The release is NOT backward-compatible with 3.5.x! Open Apereo - June 1-4 2014
  • 15.  First commit on Feb 26th 2013  4 RCs; GA release on May 7th 2014  165 resolved JIRA issues  181 closed pull requests  900 git commits  7 committers; 17 contributors Open Apereo - June 1-4 2014
  • 16.  New: ◦ User attributes in ticket validation response ◦ Strengthen proxy callback failure response ◦ authenticationDate, memberOf, isFromNewLogin attributes  Improved: ◦ Inclusion of Single Logout ◦ Inclusion of /samlValidate endpoint ◦ Compliant with common community practices Open Apereo - June 1-4 2014
  • 17. Open Apereo - June 1-4 2014
  • 18.  Build and Deployment ◦ Using Travis CI for internal builds ◦ Auto-deployment of Javadocs and reports ◦ Maven WAR Overlay for deployments  Documentation ◦ GitHub Pages site: http://jasig.github.io/cas/  Demos on Heroku ◦ CAS WebApp: https://jasigcas.herokuapp.com ◦ Mgmt Webapp: https://jasigcasmgmt.herokuapp.com Open Apereo - June 1-4 2014
  • 19.  New AuthN API to support MFA  New /p3/serviceValidate endpoint for user attributes  New submodules for SAML, Management, OAuth, …  Dependency upgrades  LDAP AuthN and Password Policy improvements  User Attribute Filters  Front-channel Logout  Disallow Empty Service Registry  English as Default Locale  JS File in Themes  Language Bundle updates  Default Proxy AuthN set to Off  Many more… Open Apereo - June 1-4 2014
  • 20. Open Apereo - June 1-4 2014  “uid != password”  The default credentials are: casuser/Mellon
  • 21. Open Apereo - June 1-4 2014  Pick a latest version (4.0.0)  Add your skin/brand  Add your configuration ◦ How do users authenticate? ◦ Where do user attributes come from? ◦ Which applications are allowed to use CAS?  Build, test, deploy
  • 22.  CAS v4.1: Discussion ongoing ◦ 20+ JIRAs already resolved! ◦ Join the @cas-dev mailing list  CAS AppSec Working Group: ◦ https://wiki.jasig.org/display/CAS/CAS+App Sec+Working+Group  New Committer: Robert Oschwald Open Apereo - June 1-4 2014
  • 23. Open Apereo - June 1-4 2014 CAS Addons
  • 24. Open Apereo - June 1-4 2014  Free, open source extensions for CAS  Latest stable release: v1.11.1  Include in Maven Overlays:  Available at: https://github.com/Unicon/cas-addons
  • 25. Open Apereo - June 1-4 2014  Compatible with CAS v3.5.2.1  HazelcastTicketRegistry  ReadWriteJsonServiceRegistryDao  v2.x in development; support for CAS4  See more at: ◦ https://github.com/Unicon/cas-addons/wiki
  • 26. Open Apereo - June 1-4 2014 CAS Clients
  • 27.  Features include: ◦ URL exclusion patterns for the AuthN filter ◦ Support for default ports in service URLs ◦ Return AuthN instant from SAML response ◦ Disallow misconfiguration of forced AuthN ◦ Disallow empty proxy chains for ClearPass  v3.4.0 is in development Open Apereo - June 1-4 2014
  • 28.  CAS client for Play 2.x framework: ◦ https://github.com/leleuj/play-pac4j ◦ Support for CAS, OAuth, OpenId, HTTP, SAML  CAS support for Ratpack toolkit: ◦ https://github.com/ratpack/ratpack/tree/master/r atpack-pac4j Open Apereo - June 1-4 2014
  • 29. Open Apereo - June 1-4 2014 CAS and Shibboleth
  • 30.  CAS AuthN plugin for Shibboleth IdP  Custom CasLoginHandler  Externalized configuration file  Easier to deploy and configure ◦ No session sharing requirement!  Available at: https://github.com/Unicon/shib-cas-authn2 Open Apereo - June 1-4 2014
  • 31.  Shibboleth IdP v2.4.0 Installer: ◦ Preconfigured with Shib-CAS AuthN v2 ◦ Preconfigured with InCommon Metadata ◦ Preconfigured with TestShib’s SP Metadata  Available at: https://github.com/Unicon/unicon- shibboleth-idp-template Open Apereo - June 1-4 2014
  • 32.  If you don’t have SSO: ◦ Implement CAS4; available today  If you have CAS: ◦ Upgrade your Maven overlays  If you have Shibboleth: ◦ Integrate using the shib-cas-authn2 module  If you need help: ◦ Unicon OSS program: http://www.unicon.net/support Open Apereo - June 1-4 2014
  • 33. Open Apereo - June 1-4 2014 https://twitter.com/misagh84 https://github.com/mmoayyed mmoayyed@unicon.net