Bill,
The InCommon Technical Advisory Committee has launched an effort to develop a document that presents the landscape of identity-related projects of particular relevance to the Research and Education (R&E) community, including information about their state, the relationships among them, and gaps among those relationships and between the capabilities they provide and what is needed by this community. This Identity Landscape document is intended to provide information as input to strategic decision making by those providing leadership to the identified projects and to promote increased coordination among them. It will be written with those audiences in mind, though we also expect it to be shared widely with the R&E public.
As a representative of the CAS project, your participation in this effort would be invaluable to us and, we hope, to you as well. In order to give you an idea of what we're looking for, I have included a quick set of questionnaire topics that we are using to collect basic information about each project, as well as answers to that questionnaire for the Grouper project, at the bottom of this message. As you can see, we are looking for very brief summary information, although we may ask to schedule a telephone conversation at a later date to fill in additional information. Simply replying to this note, editing your responses into the Questionnaire Topics below would be greatly appreciated. We could also schedule a telephone interview to go through the questionnaire and draft answers for your review, if that works better for you.
Please let me know if you are willing to participate, or could designate someone else. Don't hesitate to contact me if you have any questions. Thank you for your help.
David Walker
InCommon Technical Advisory Committee
dhwprof@gmail.com
...
CAS 4.0 is the current work in progress an includes the following scope slated for 2013:
- improved authN APIs to support multiple credentials (forces Major release per release strategy)
- new skin and better support for mobile devices
- Improvements to the Ldap Password Policy enforcement that are described here.
- potentially other minor evolutionary improvements that would have been targeted for 3.6.
Approach to Work
How priorities are set, the process for releasing deliverables, collaborative work style, expectations of members, etc.
CAS is loosely run as an Apache style open source project with priorities mostly set by availability of interested developers and committer consensus.
CAS has been a solid and mature product for some time. Improvements and extensions evolve from both a community recognition of priorities and the will of developers to take ownership of particular facets of the CAS product. An active developer list provides the primary collaborative forum for both incremental improvements and proposing and vetting new requirements and features. Multiple releases typically occur during a year and reflect contributions in the interim. The development lifecycle is structured with coding standards (https://wiki.jasig.org/display/CAS4UM/Code+Standards), and review and release management processes.
Strategies for Sustainability
Strategies for funding, inclusion of new members, etc.
CAS has no funding or means for support beyond the umbrella infrastructure provided by Apereo. Typical of a successful open source project, the work of a relatively small community of contributors is leveraged across many consumers. Though CAS adopters need not be involved in any way, the criticality of CAS single sign-on to large-scale adopters keeps the activtiy level of the project very high. This activity is true with respect to the CAS server and integration of the CAS protocol in clients.
A CAS Steering Committee exists to advocate for the project and set any strategic and administrative direction (https://wiki.jasig.org/display/CASST/Home).
CAS relies on Apereo to fund general community infrastructure (mailing lists, website, jira). The project also makes use of free infrastructure from github for source code control. Development and management of the project is mostly resourced directly from the participants. Unicon's Support program also contributes directly to the project based on the number of subscribers to the program. Sustainability is derived from three primary sources:
...
Areas where there is observed interdependence or similarity with other projects.
CAS is perhaps the most widely adopted solution for WebSSO. Although CAS may be seen as performing in a narrower range of the SSO spectrum compare with Shibboleth, the fact is that many enterprises continue to adopt and rely on CAS as both a convenient tried-and-true WebSSO solution. It's adoption in enterprises typically predated that of SAML-based federated solutions and over time CAS has increased in sophistication while a wide ecosystem of open source and proprietary products have established integrations with CAS.
Large well-known projects such as uPortal, Moodle, Liferay, and the Kuali products provide for out-of-the-box integration with CAS due to its prevalence and relative simplicity.
CAS and Shibboleth are similar in that they both can be used for WebSSO. They differ in that Shibboleth has mostly been focused on implementing the SAML specification, whereas CAS is mostly focused on being a great platform for enterprise WebSSO regardess of the protocol. Many deployers have found CAS and Shibboleth to be more complimentary than competitive. See: Shibboleth and CAS - Even More Perfect Together
...
Elements of the identity landscape that do not seem to exist, but are needed to achieve the project's goals.?.
The approach to the identity landscape is often panacean - the entire problem is stood up with the assumption that the right projects can be brought together in one holistic solution.
The identity landscape is apparently searching for large blueprints. There is a large gap between these future goals and a more practical packaging of identity solutions that align with common consumer scenarios. A feedback loop to potential consumers about what they could do today given a particular scenario is missing, particularly as institutions shorten project cycles and look for more agility. In retrospect, CAS' success has come from meeting as many adopter scenarios as possible without breaking any fundamental contracts that would jeopardize security or abandon a large set of current adopters.
Challenges
Potential roadblocks to achieving the project's goals.
- Lack of input from stakeholders outside of the developer community.
- Availability of developer resources.
- Governance/consensus around project direction.
Leadership beyond incremental release functionality.
More Information
URLs where further information about the project is available.
...