...
2.1.1 CAS 4 Roadmap Planning (Call for Participation)
We have assembled a draft agenda for the roadmap planning call which is included below for your information. If you are interested in participating but have not yet let me know (benjamin dot oshrin at rutgers dot edu), it is not too late to do so.
1 - Direction & Requirements
...
The CAS community has started CAS4 roadmap planning! A conference call will be held this Friday (July 25, 2008). The draft agenda is as follows:
1 - Direction & Requirements
- Next Steps for the CAS 3.x branch
- What are we looking for in a CAS4? <http://www.ja-sig.org/wiki/display/CAS/CAS+Vision+and+Roadmap>
- Integration with Existing Systems
- Features / Use Cases
- Relationship to Existing Architecture
...
- Comments on/discussion of model
<http://www.ja-sig.org/wiki/display/CAS/Governance+Model>
~benno (Rutgers University)
Its not too late to get in on the conference call. If you are interested in participating, let me know (benjamin dot oshrin at rutgers dot edu).
~benno (Rutgers University)
2.1.2 CAS 3.2.1.1 Release and CAS 3.3-RC2 Release
We've released a minor point release of version 3.2.1.1 which addresses an opportunity to inject HTML into the logout page via the url parameter. You can't hijack CAS sessions or anything with it, but you can create some really interesting HTML pages which could trick your users if they're not paying attention. If you've based your logout page at your local institution off of the "example default" pages then you should update your logout page (just to be safe we also updated the "confirm view"). Thanks to Romain Bourgue for identifying this. There are no other changes in the 3.2.1.1 release.
We've also released CAS 3.3-RC2. If you've been keeping track we last left off at 3.2.2-RC1. We've made some exciting additions such as Terracotta support, Memcache Support, updated RESTful support, and a lot of minor bug fixes. Because of a change to an internal property on the tickets (changing from Atomic Boolean to boolean) and its affect on the JPATicketRegistry, we bumped up the version to 3.3.You can download both releases from its affect on the JPATicketRegistry, we bumped up the version to 3.3.
You can download both releases from http://www.ja-sig.org/products/cas/downloads/
2.1.3 Spring Security 2.0.3
If you've haven't been keeping up with Spring Security, they've recently released their version 2.0.3. Spring Security is a Spring subproject related to authentication and authorization. It includes the most recent JASIG CAS Client for Java. If you're doing anything beyond simple authentication, we recommend you take a look at the more full-featured Spring Security which builds on the JASIG CAS Client for Java foundation. http://static.springframework.org/spring-security/site/index.html
h5 2.1.3 phpCAS
The phpCAS team has been hard at work making phpCAS PEAR-installable, adding Single Sign Out support, and more! Check it out http://www.ja-sig.org/productswiki/casdisplay/downloadsCASC/phpCAS
Contributed by:
Scott Battaglia (Rutgers University), Lead Developer, JA-SIG Central Authentication Service
...