This document summarizes an update briefing on identity and access management (IAM) software including Central Authentication Service (CAS), Shibboleth, and Grouper. It provides information on recent releases and updates to CAS, Shibboleth, and Grouper as well as Unicon's contributions and support for these open source projects. The briefing covered CAS 4, Shibboleth Identity Provider 3, the Multi-Context Broker, and Grouper 2.2. It also discussed Unicon's participation in these projects through code contributions on GitHub and support for subscribers.
1. Unicon IAM Update
CAS, Shibboleth, Grouper
13 February 2014
Mike Grady • Misagh Moayyed
Audio is via Adobe Connect.
There is no phone dial-in.
2. Welcome to this
briefing
• Updates on CAS, Shibboleth and Grouper
• Unicon contributions to CAS, Shibboleth and
Grouper
• Unicon's Open Source Support
• Thanks, Q&A
3. Introduction:
Mike Grady
• IAM, Shibboleth, CAS,
Internet2 Scalable
Privacy
• 36 years at University
of Illinois before Unicon
• Unicon’s Open Source
Support for Shibboleth
technical lead
4. Introduction:
Misagh Moayyed
• IAM, Shibboleth, CAS,
uPortal, uMobile
• 2 years full time with
Unicon
• Unicon’s Open Source
Support for CAS
technical lead
5. This session is being
recorded.
• Will post after:
• Slides
• Notes blog post with
useful hyperlinks
• Slidecast with audio
7. • Identity Week, November 11-15 2013:
REFEDS, CAMP, ACAMP
Burlingame, CA
• Apereo Camp, January 27-30 2014:
CAS, uPortal, OpenRegistry, Sakai
Mesa, AZ
Past Events
8. Upcoming Events
• Shibboleth Workshop Series - March 24-25
Durham, NC
• Internet2 Global Summit - April 6-10
Denver, CO
• Open Apereo 2014 - June 1-4
Miami, FL
• Internet2 Technology Exchange – Oct 26-30
Indianapolis, IN
10. CAS4
• RC3 released. To RC4 and beyond...
• APIs to support MFA use cases
• Password policy improvements
• CAS documentation revamp;
See http://jasig.github.io/cas
13. Shibboleth
• IdP v3 development in progress;
https://wiki.shibboleth.net/confluence/display/DEV/IdP3Details
• Community news at
http://shibboleth.net/community/news
• Latest versions: IdP v2.4.0, SP v2.5.3
14. Identity Provider v3
• Release Goals:
• Support extensions (i.e uApprove) within
profiles
• Improve “rough spots” in the API
• V2 protocol interoperable; API-incompatible
https://wiki.shibboleth.net/confluence/display/IDP30/Software+Design
• Q3 Fall 2014 release is planned
20. Open Source Support
• Support for open source software as
adopted by the community
• Unicon collaborates to maintain the
supported open source software making
it more supportable and valuable to
subscribers
• “Act in the best interests of the subscribers,
of the community, and of Unicon”
29. CAS-Shibboleth:
Integration possibilities
• Shib-CAS-authenticator v2 combined with Multi-
Context broker?
• CAS attributes to supplement the IdP's authentication
context?
• CAS to resolve/release attributes to the IdP?
...reduce duplicate configuration and overhead
31. Future work
• In discussion with developer community
to find more ways to assist
• Finalizing Tomcat7 DTA-SSL
• Particular missing features you need?
36. What we do
• Collaborate to maintain current stable
recommended releases
• Work towards next releases
• Explore extensions and opportunities
• Responsive to inputs from subscriber
experiences
• Explicit requests
• Learn from providing support
• Empathize with your needs and projects
37. Feedback welcome
• Subscribers are welcome encouraged to
get in touch directly if you’d like any of this
information contextualized to your specific
situation. E.g., Should I upgrade to the
next release of shib-cas-authenticator?
• By all means, do get in touch.
38. Let’s do this again.
• Next Unicon IAM Update:
• Thursday June 19th 2014
• 12 PM MST
39. Questions / Discussion
via Adobe Connect
chat?
• Mike Grady,
Support for Shibboleth Technical Lead
mgrady@unicon.net
• Misagh Moayyed,
Support for CAS Technical Lead
mmoayyed@unicon.net
40. (License)
This work is licensed under the Creative
Commons Attribution-NonCommercial 3.0
United States License. To view a copy of this
license, visit
http://creativecommons.org/licenses/by-
nc/3.0/us/.
41. Photo credits
• Personal photos of Mike, and Misagh: all rights
reserved.
• Microphone:
http://www.flickr.com/photos/deanhp/3711222265/
http://creativecommons.org/licenses/by/2.0/deed.en