Upgrading

New CAS documentation site

CAS documentation has moved over to apereo.github.io/cas, starting with CAS version 4.x. The wiki will no longer be maintained. For the most recent version of the documentation, please refer to the aforementioned link.

CAS 3.3.0 to CAS 3.3.1

Database Changes

update RegisteredServiceImpl set evaluation_order = 100;

insert into rs_attributes ( RegisteredServiceImpl_id, a_name, a_id )
select
RegisteredServiceImpl_id,element,allowed_attribute_id from
RegisteredServiceImpl_allowedAttributes;

CAS 3.2.1 to CAS 3.3

NOTE this assumes you're using the Maven WAR overlay method

in cas.properties

  • remove cas.securityContext.casProxyTicketValidator.casValidate and add cas.securityContext.ticketValidator.casServerUrlPrefix

in deployerConfigContext.xml

  • change org.acegisecurity.userdetails.memory.InMemoryDaoImpl to org.springframework.security.userdetails.memory.InMemoryDaoImpl

Database Changes

  • In the Services Management tool, the list of attributes associated with a service has now moved to its own table to resolve some saving issues as well as limits on the size of the original attributes field. We currently don't have a tool to extract that and place it into the new tables.
  • In the JpaTicketRegistry, the TicketGrantingTicket values that used to be AtomicBooleans and thus stored as blobs, etc. are now booleans, so the database tables are incompatible. This change was made support Terracotta. There is currently no script to convert the old data.

Other Changes

  • Any class in the server-core that relied on the Spring LDAP module was moved to the server-support-ldap module so you'll need to include that if you reference those classes.

CAS 3.3.5 to CAS 3.4

NOTE this assumes you're using the Maven WAR overlay method

in cas-servlet.xml

  • You will need to bring in the latest version and apply any changes you had made.

in cas.properties

  • add cas.securityContext.serviceProperties.adminRoles=ROLE_ADMIN
    Names of roles allowed to access the CAS service manager

in deployerConfigContext.xml

  • update the namespaces to reflect the upgrade to Spring 3 and Spring Security 3
  • update the userDetailsService bean to reflect the upgrade to Spring Security 3

CAS 3.4.x to CAS 3.4.10

NOTE this assumes you're using the Maven WAR overlay method

If you have customized views you must update the hidden fields to support the LoginTicket

pre 3.4.10 hidden fields

<input type="hidden" name="lt" value="${flowExecutionKey}" />
<input type="hidden" name="_eventId" value="submit" />

post 3.4.10 hidden fields

<input type="hidden" name="lt" value="${loginTicket}" />
<input type="hidden" name="execution" value="${flowExecutionKey}" />
<input type="hidden" name="_eventId" value="submit" />

 

CAS 3.5.x to CAS 3.5.2

NOTE this assumes you're using the Maven WAR overlay method

One bean changed name from 3.5.1 to 3.5.2:

In src/main/web/WEB-INF/cas-servlet.xml  change :

3.5.1 bean
<bean id="errorHandlerResolver" class="org.jasig.cas.web.NoSuchFlowExecutionExceptionResolver"/>

to

3.5.2 bean
<bean id="errorHandlerResolver" class="org.jasig.cas.web.FlowExecutionExceptionResolver"/>

 

If you use OAuth client support (cas-server-support-oauth module), be aware of the configuration differences by comparing Configuration for the OAuth client support in CAS server version 3.5.0 and Configuration for the OAuth client support in CAS server version >= 3.5.1.

 

CAS 3.x to CAS 4.0 ( as of 4/7/2014 4.0 has not been released )

If you are using restlet:

In src/main/web/WEB-INF/web.xml  change :

3.x
<servlet-class>com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class>

to

4.0
<servlet-class>org.restlet.ext.spring.RestletFrameworkServlet</servlet-class>

 

If you are using SAML:

SAML is no longer provided "out of the box" you will need to enable it for 4.0:  http://jasig.github.io/cas/current/protocol/SAML-Protocol.html

Â