3rd party vs custom code

Owned by Jérôme LELEU
Last updated: Feb 26, 2013
1 min read

This page references all the custom code used in CAS which can be replaced by the appropriate third-party libraries to improve reliability and security.

 

1) cas-server-support-oauth module

The OAuth server support is done by custom code. A better candidate for handling OAuth server support could be Spring security for OAuth : http://www.springsource.org/spring-security-oauth.

 

2) cas-server-support-saml module

SAML 1.1 and Google SAML 2 supports as well as SLO requests are made through custom code. They can rather rely on the opensaml library : https://wiki.shibboleth.net/confluence/display/OpenSAML/Home.