[cas-dev] the upcoming (but not too soon CAS4) and the CAS clients

Smith, Matthew J. matt.smith at uconn.edu
Mon Oct 20 16:07:15 EDT 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Being unfamiliar with SAML at the development tier ATM, I am only aware
of the opensaml C++ libs.  Is anyone aware of the library availability
for the set of languages/platforms being targeted here?

I have to admit -- looking at mod_auth_cas, currently a simple Apache
module of 1 .c file, performing very basic SSL socket handling and
minimal XML parsing, and growing to include SAML, PKI, SOAP/REST, etc,
is rather daunting, from a spec-reading and dev-time perspective.

Of course, Phil,the real C ninja, has done 99% of the m-a-c coding, so
he may already have this all done ... ;-)


Scott Battaglia wrote:
> From my notes, we're looking at the follows:
> 
> 1. Single Log Out
> 2. Web SSO Profile
> 3. Assertion Query/Request
> 4. Attribute
> 5. ECP
> 5. Proxying (not yet established)
> 
> I'd prefer to use RESTful APIs vs. SOAP APIs if possible, and as stated
> before would like to look for some method sharing keys that doesn't
> require explicit key exchanges and updates on servers.  Any thoughts on
> that would be appreciated.
> 
> Thanks
> -Scott
> 
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> 
> 
> On Mon, Oct 20, 2008 at 8:17 AM, Scott Battaglia
> <scott.battaglia at gmail.com <mailto:scott.battaglia at gmail.com>> wrote:
> 
>     Matt,
> 
>     There's a few profiles that we're looking at.  Eric Pierce and I
>     spent some time at the UnConference looking this stuff over.  The
>     notes are on my notebook so when I turn it on later, I'll send the
>     notes out to the list.
> 
>     I want to be very careful about making sure that CAS is still as
>     easy to deploy as before, despite using SAML so I'll be looking for
>     feedback from the CAS client developers on the profiles.  I'm also
>     interested in creating RESTful bind points instead of using SOAP,
>     and relying on temporary key exchanges if possible instead of
>     sharing public keys between the IdP and SPs if possible (or some
>     other appropriate method).  Any thoughts on that would be
>     appreciated ;-)
> 
>     Off to start up my notebook...
> 
>     -Scott
> 
>     -Scott Battaglia
>     PGP Public Key Id: 0x383733AA
>     LinkedIn: http://www.linkedin.com/in/scottbattaglia
> 
> 
>     On Fri, Oct 17, 2008 at 5:19 PM, Matt Smith <matt.smith at uconn.edu
>     <mailto:matt.smith at uconn.edu>> wrote:
> 
>         Scott-
>          Are you looking for CAS clients to support SAML multi-profile
>         support (Artifact, POST, SLO?) for a coordinated roll-out?
>         -Matt
> 
>         On Fri, Oct 17, 2008 at 2:01 PM, Scott Battaglia
>         <scott.battaglia at gmail.com <mailto:scott.battaglia at gmail.com>>
>         wrote:
>         > CAS Client Developers (I'm looking at you phpCAS,
>         mod_auth_cas, etc.),
>         >
>         > If you recently attended the UnConference you're familiar with
>         the fact that
>         > CAS4 will be supporting a few SAML profiles (more details on
>         that later) in
>         > addition to the CAS1 and CAS2 protocols.  I've been charged by
>         the steering
>         > committee to construct the finalized CAS4 roadmap based on the
>         existing
>         > vision and roadmap.  I'd like to coordinate with the major
>         (and possibly
>         > all) CAS client developers to make sure that the CAS clients
>         are ready for
>         > when CAS4 comes out for those who want to take advantage of
>         the new SAML
>         > features.
>         >
>         > We're currently targeting a Spring '09 release of CAS4.
>          Please let me know
>         > how that correlates to the develop roadmaps for the various
>         CAS clients.
>         >
>         > Thanks!
>         > -Scott
>         >
>         > -Scott Battaglia
>         > PGP Public Key Id: 0x383733AA
>         > LinkedIn: http://www.linkedin.com/in/scottbattaglia
>         >
>         > _______________________________________________
>         > cas-dev mailing list
>         > cas-dev at tp.its.yale.edu <mailto:cas-dev at tp.its.yale.edu>
>         > http://tp.its.yale.edu/mailman/listinfo/cas-dev
>         >
>         >
> 
> 
> 
>         --
>         matt at forsetti.com <mailto:matt at forsetti.com>
>         Key ID:D6EEC5B5
>         _______________________________________________
>         cas-dev mailing list
>         cas-dev at tp.its.yale.edu <mailto:cas-dev at tp.its.yale.edu>
>         http://tp.its.yale.edu/mailman/listinfo/cas-dev
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev


- --
Matthew J. Smith
University of Connecticut ITS
matt.smith at uconn.edu
PGP KeyID: 0xE9C5244E
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFI/OTzGP63pOnFJE4RAm4pAJ9V9JIxl9Y3VYmWtd9Z5LumCzzq4gCdFmmO
QfgcwM6eImGelft+ZivJHik=
=0dT8
-----END PGP SIGNATURE-----

More information about the cas-dev mailing list