JASIG Winter 2004 Presentation

Owned by Andrew Petro
Last updated: Dec 10, 2004Version comment
2 min read

JASIG Winter 2004 Presentation: CAS Roadmap

Title: Central Authentication Service Roadmap

Abstract:

Central Authentication Service Roadmap

This presentation differed from previous Yale CAS JA-SIG presentations in focusing more on what's new with CAS and where CAS is going than on what CAS is. Nonetheless, we started with a review of what CAS is and why schools use CAS. We then reviewed what's new with the CAS Java Client and how that client is used for the new uPortal CAS security context. I also took just a moment to point out the Acegi project as an available client abstraction for CAS authentication.

I then presented a high-level roadmap of where CAS is going, including integration with Shibboleth, use of SAML (optionally including more attributes than just the user's netid), and an entirely new, interface-rich, more pluggable CAS Server implementation with well-defined extension points, giving credit where credit is very much due to Rutgers for their work.

Content outline

What is CAS?

What is CAS: Abbreviated presentation of the CAS idea
What is CAS, what does running it buy you, what does it require.
In broad terms, what is the CAS tapdance.

What's new?

CAS Java Client 2.1.0

  • Java Servlet Filter as preferred client implementation
  • CASReceipt and Filter composition: an approach to extensibility
  • Application: uPortal YaleCASFilteredContext

Acegi:

  • Acegi provides layer of abstraction beyond that provided by CAS Java Client / CASFilter.

Roadmap

Roadmap: SAML as the language for the CAS requests and responses
Taking advantage of the SAML standard for communication of authentication information. CAS as the authentication piece in a Shibboleth installation.
Roadmap: Interface-rich, more pluggable Server implementation
Old model: to customize CAS for you needs you hack CAS servlets, etc.
New model: to customize CAS for your needs you plug in your custom code at well-defined extension points.
Shout out to the JA-SIG community: please communicate desired extension points to help us not to overlook opportunities to design in extensibility.
This means a complete re-implementation of CAS Server. Partnership with Rutgers and their fine work.

Resources

  • New CAS documentation
  • Active mailing list
  • the larger CAS community

Intended audience

CAS beginners looking to know what CAS is and where it is going. CAS veterans looking to know what's new with CAS and where it is going.

How this presentation relates to previous Yale CAS presentations at JA-SIG

The Yale CAS presentation given at previous JA-SIGs has been well attended and received and to all impressions has served the JA-SIG community well in providing an introduction and overview of CAS. Perhaps we shouldn't be messing with something that has worked so well. Nonetheless, this winter's CAS presentation attempts to go into more depth about what is new and where the project is going, including providing a roadmap for the re-implementation of CAS Server.