Your SlideShare is downloading. ×
0
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Unicon CAS Update March 2013
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Unicon CAS Update March 2013

1,278

Published on

Slideware for 2013-03-27 Unicon CAS Update webinar.

Slideware for 2013-03-27 Unicon CAS Update webinar.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,278
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Unicon CAS Update 27 March 2013 Bill Thompson • Andrew PetroWednesday, March 27, 13
  • 2. Agenda 1. What is this briefing? 2. Highlights and observations 3. Unicon activities since previous update 4. Intentions 5. Next stepsWednesday, March 27, 13
  • 3. Welcome to this briefing • Unicon’s CAS strategy • Sourcing support for open source software • Unicon’s “Cooperative” Support • Thank you to our support subscribersWednesday, March 27, 13
  • 4. Introduction: Andrew Petro • Jasig CAS committer, involved in CAS since before CAS 3 • 7 years with Unicon, most of which in Cooperative Support • Unicon’s Cooperative Support for CAS technical leadWednesday, March 27, 13
  • 5. This session is being recorded. • Will post after: • Slides • Notes blog post with useful hyperlinks • Slidecast with audioWednesday, March 27, 13
  • 6. Observations and HighlightsWednesday, March 27, 13
  • 7. CAS Server 3.5 • Still the current stable release. • What you adopt or upgrade to today.Wednesday, March 27, 13
  • 8. CAS Server 3.5.2 released February 22nd • Security fixes • require proxy chain for accessing /cas/ clearPass • handle exception on bad execution ID (looked like a JavaScript injection vulnerability, but isn’t really) • Improvements: • OAuth, monitoring, loggingWednesday, March 27, 13
  • 9. CAS addons • Free and open source add-ons for CAS server • Trends towards newer, exploratory features • https://github.com/ Unicon/cas-addonsWednesday, March 27, 13
  • 10. cas-addons • JSON, MongoDb Service Registry • MongoDb Service Registry • JSON Person Attribute DAO • JSON CAS ticket validation response • Stormpath Authentication Handler • ...Wednesday, March 27, 13
  • 11. cas-java-clients-addons • Free and open source add-ons for Java CAS clients (Jasig Java CAS Client, Spring Security, Apache Shiro) • Trends towards newer, exploratory features • https://github.com/ Unicon/cas-java-clients- addonsWednesday, March 27, 13
  • 12. Add to your Maven overlay, e.g.Wednesday, March 27, 13
  • 13. CAS 4 • Roadmap: • level of assurance capabilities and attendant protocol evolution • Improved authentication APIs supporting multiple credentials, in part supporting this • Catch up documented protocol to evident practicesWednesday, March 27, 13
  • 14. CAS AppSec Working Group • Public cas-appsec email list • https://wiki.jasig.org/x/goRmAwWednesday, March 27, 13
  • 15. Jasig + Sakai = Apereo • Jasig (the non-profit context for CAS, uPortal, Bedework, SSP, etc.) consolidated with the Sakai Foundation (the non-profit context for Sakai CLE, etc.) • New organization named “Apereo” • http://www.apereo.org/Wednesday, March 27, 13
  • 16. Jasig-Sakai UnConference • Held January 14-16th at ASU Polytechnic campus • discussions including • review of code towards CAS 4 • local customizations and usages of CAS • automating 2fa token onboardingWednesday, March 27, 13
  • 17. Open Apereo 2013 Conference • Registration open! • Early bird until May 3rd • ~ Sunday June 2nd through Thursday June 6th 2013 • San DiegoWednesday, March 27, 13
  • 18. Apereo 2013 http://conf2013.apereo.org/scheduleWednesday, March 27, 13
  • 19. CAS and Shib pre- conference seminar!Wednesday, March 27, 13
  • 20. Unicon development, contribution, participation in CAS since last UpdateWednesday, March 27, 13
  • 21. What is “Cooperative Development”? • Sustaining engineering budget under the Cooperative Support for CAS program • Unicon maintains the supported open source software making it more supportable and valuable to subscribers • What I tell the team: “Act in the best interests of the subscribers, of the community, and of Unicon”Wednesday, March 27, 13
  • 22. Maintain CAS Generally and Unicon-led features • Example: ClearPass enhanced in CAS 3.5.2 to reject bare service tickets (only proxy tickets with a blessed proxy chain allowed)Wednesday, March 27, 13
  • 23. Work towards the next CAS features release (CAS 4) • support custom filters for releasing attributes to a service • improved message bundle handling (prefer an English message over failure) • JavaScript file selection power in themes • richer markup for Login form messagesWednesday, March 27, 13
  • 24. Innovate on Unicon-led features • EhCache ticket registry support for bulk ticket retrievalWednesday, March 27, 13
  • 25. cas-addons • cas-addons 1.1 • Events framework • Assertions convenience class • cas-addons 1.2 • Register per-service whether login initiates a single sign-on sessionWednesday, March 27, 13
  • 26. cas-java-clients-addons • Spring Security extension to integrate with ClearPass • ClearPass proxy ticket validatorWednesday, March 27, 13
  • 27. unicon-shibboleth-idp- template • Template Shibboleth IdP • Demonstrates deferring to CAS for login experience, credentials validationWednesday, March 27, 13
  • 28. What this means for you: tactically • Tighten ClearPass configuration • Upgrade to CAS 3.5.2 • continue to look to cas-addons etc. for extra features you might value, such as nuancing logging in to which services initiates SSOWednesday, March 27, 13
  • 29. What this means for you: strategically • Each CAS release gets a little better • Glitches and defects are addressed • Extra features available for adoption out of cas-addonsWednesday, March 27, 13
  • 30. Intentions for near-term development and participationWednesday, March 27, 13
  • 31. What we do • Maintain CAS 3.5 (current stable recommended release) • Work towards CAS 4 (next release) • Explore extensions and opportunities • Responsive to inputs from subscriber experiences • Explicit requests / votes • Learn from providing support • Empathize with your needs and projectsWednesday, March 27, 13
  • 32. Maintain CAS 3.5 • especially ClearPass and EhCacheTicketRegisty • Example: default ClearPass to encrypt credentials in cache • Example: revisit JSP session creation • Participate in CAS AppSec WGWednesday, March 27, 13
  • 33. Maintain client libraries • Example: more and better ClearPass support in the client librariesWednesday, March 27, 13
  • 34. Work towards CAS 4 • CAS protocol update, now with a Working Group • LPPE evolution beyond LDAP • Multi-factor authentication supportWednesday, March 27, 13
  • 35. Facilitate integrations among FLOSS projects • CAS and Shibboleth IdP integration • CAS and Grouper integration?Wednesday, March 27, 13
  • 36. Next StepsWednesday, March 27, 13
  • 37. This session is being recorded. • Will post after: • Slides • Notes blog post with useful hyperlinks • Slidecast with audioWednesday, March 27, 13
  • 38. Let’s do this again. • Next Unicon CAS Update: • Friday June 28th • 8:30 am Pacific == 11:30 am Eastern • This is a date change.Wednesday, March 27, 13
  • 39. Feedback welcome. • By all means, please do get in touch.Wednesday, March 27, 13
  • 40. Reminder to support subscribers: • You’re welcome encouraged to get in touch directly if you’d like any of this information contextualized to your specific situation. E.g., Does my particular ClearPass configuration need updated to require a proxy chain? • Feedback especially welcome.Wednesday, March 27, 13
  • 41. Call to action • Consider attending Open Apereo 2013 • Likely great CAS content, certainly great colleagues to meet with and conversations to be had. • Kick it off with a pre-conference seminar or two.Wednesday, March 27, 13
  • 42. Contact Information • Bill Thompson, Director of Identity and Access Management wgthom@unicon.net • Andrew Petro, Cooperative Support for CAS Technical Lead apetro@unicon.netWednesday, March 27, 13
  • 43. (License) This work is licensed under the Creative Commons Attribution-NonCommercial 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/ licenses/by-nc/3.0/us/.Wednesday, March 27, 13
  • 44. Photo credits • Personal photos of Jim and Andrew: all rights reserved. • Microphone: http://www.flickr.com/photos/deanhp/3711222265/ http://creativecommons.org/licenses/by/2.0/deed.en • Cactus: http://www.flickr.com/photos/robertrd/2788387337/ http://creativecommons.org/licenses/by-nc-nd/2.0/ • San Diego: http://www.flickr.com/photos/nchill4x4/3430830083/ http://creativecommons.org/licenses/by-nc-nd/2.0/ • Sun Flower: http://www.flickr.com/photos/59773274@N00 http://creativecommons.org/licenses/by/2.0/Wednesday, March 27, 13

×