/
CAS Protocol Revision Working Group

CAS Protocol Revision Working Group

Nov 03, 2013

Overview

The CAS Protocol Revision Working Group is collaborating on updating the CAS Protocol such that it:

  • is consistent with current Jasig CAS 3.x server behavior (de facto standard), and adds

  • attributes to CAS payload  (a common customization)

The current status of the 3.0 spec draft can be found in the official GitHub repository at

https://github.com/Jasig/cas/blob/master/cas-server-protocol/3.0/cas_protocol_3_0.md

The working draft is in Google Docs: https://docs.google.com/document/d/1l0o60mLfXF4bkQdwRSH4i6P-IJQki3-v-zyoOAjxDd4/edit

 

Related CAS4.0 issue:

Participants

  • @Adam Franco

  • @Jérôme LELEU

  • @Misagh Moayyed

  • @Robert Oschwald

  • @William G. Thompson, Jr.

Status

The main work of covering all the current (3.x) features is completed, but needs review and discussion.  The following is a brief summary of what was added:

  • /login parameters "METHOD", "rememberMe",

  • /logout parameter "service" with a description of its implication to the behaviour

  • SLO completely added. Also with an on section 4 which briefly describes the Single Log Out feature and security implications.

  • cas attributes in responses

  • /proxyValidate added

  • /samlValidate added (it is currently in 3.5, which this CAS Spec covers. In 4.0, this might be removed - to be discussed) 

Release Process

  • Declare Release Candidate Status - notify cas-dev, cas-user, cas-announce?

  • Community Review/Feedback - April 8th - April 20nd

  • Committer/Contribute Consensus Vote April 22nd - April 26th

Open Issues

  • Process for release (committer vote?)

  • When to release?

  • License - Apache2, Creative Commons

  • Copyright - Apereo?

Next Steps