CAS Protocol Revision Working Group

Owned by William G. Thompson, Jr.
Last updated: Nov 03, 2013 by Robert OschwaldVersion comment
1 min read

Overview

The CAS Protocol Revision Working Group is collaborating on updating the CAS Protocol such that it:

  • is consistent with current Jasig CAS 3.x server behavior (de facto standard), and adds
  • attributes to CAS payload  (a common customization)

The current status of the 3.0 spec draft can be found in the official GitHub repository at

https://github.com/Jasig/cas/blob/master/cas-server-protocol/3.0/cas_protocol_3_0.md

The working draft is in Google Docs: https://docs.google.com/document/d/1l0o60mLfXF4bkQdwRSH4i6P-IJQki3-v-zyoOAjxDd4/edit

 

Error rendering macro 'jira' : Unable to locate Jira server for this macro. It may be due to Application Link configuration.

Related CAS4.0 issue: Unable to locate Jira server for this macro. It may be due to Application Link configuration.

Participants

Status

The main work of covering all the current (3.x) features is completed, but needs review and discussion.  The following is a brief summary of what was added:

  • /login parameters "METHOD", "rememberMe",
  • /logout parameter "service" with a description of its implication to the behaviour
  • SLO completely added. Also with an on section 4 which briefly describes the Single Log Out feature and security implications.
  • cas attributes in responses
  • /proxyValidate added
  • /samlValidate added (it is currently in 3.5, which this CAS Spec covers. In 4.0, this might be removed - to be discussed) 

Release Process

  • Declare Release Candidate Status - notify cas-dev, cas-user, cas-announce?
  • Community Review/Feedback - April 8th - April 20nd
  • Committer/Contribute Consensus Vote April 22nd - April 26th

Open Issues

  • Process for release (committer vote?)
  • When to release?
  • License - Apache2, Creative Commons
  • Copyright - Apereo?

Next Steps