[cas-dev] the upcoming (but not too soon CAS4) and the CAS clients
Scott Battaglia
scott.battaglia at gmail.com
Mon Oct 20 21:07:31 EDT 2008
We can also look at the Shibboleth SP, which should be SAML compliant and
thus compatible with future CAS versions. I'm not familiar with it though.
Have you looked at it at all?
-Scott
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
On Mon, Oct 20, 2008 at 4:07 PM, Smith, Matthew J. <matt.smith at uconn.edu>wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Being unfamiliar with SAML at the development tier ATM, I am only aware
> of the opensaml C++ libs. Is anyone aware of the library availability
> for the set of languages/platforms being targeted here?
>
> I have to admit -- looking at mod_auth_cas, currently a simple Apache
> module of 1 .c file, performing very basic SSL socket handling and
> minimal XML parsing, and growing to include SAML, PKI, SOAP/REST, etc,
> is rather daunting, from a spec-reading and dev-time perspective.
>
> Of course, Phil,the real C ninja, has done 99% of the m-a-c coding, so
> he may already have this all done ... ;-)
>
>
> Scott Battaglia wrote:
> > From my notes, we're looking at the follows:
> >
> > 1. Single Log Out
> > 2. Web SSO Profile
> > 3. Assertion Query/Request
> > 4. Attribute
> > 5. ECP
> > 5. Proxying (not yet established)
> >
> > I'd prefer to use RESTful APIs vs. SOAP APIs if possible, and as stated
> > before would like to look for some method sharing keys that doesn't
> > require explicit key exchanges and updates on servers. Any thoughts on
> > that would be appreciated.
> >
> > Thanks
> > -Scott
> >
> > -Scott Battaglia
> > PGP Public Key Id: 0x383733AA
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >
> >
> > On Mon, Oct 20, 2008 at 8:17 AM, Scott Battaglia
> > <scott.battaglia at gmail.com <mailto:scott.battaglia at gmail.com>> wrote:
> >
> > Matt,
> >
> > There's a few profiles that we're looking at. Eric Pierce and I
> > spent some time at the UnConference looking this stuff over. The
> > notes are on my notebook so when I turn it on later, I'll send the
> > notes out to the list.
> >
> > I want to be very careful about making sure that CAS is still as
> > easy to deploy as before, despite using SAML so I'll be looking for
> > feedback from the CAS client developers on the profiles. I'm also
> > interested in creating RESTful bind points instead of using SOAP,
> > and relying on temporary key exchanges if possible instead of
> > sharing public keys between the IdP and SPs if possible (or some
> > other appropriate method). Any thoughts on that would be
> > appreciated ;-)
> >
> > Off to start up my notebook...
> >
> > -Scott
> >
> > -Scott Battaglia
> > PGP Public Key Id: 0x383733AA
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >
> >
> > On Fri, Oct 17, 2008 at 5:19 PM, Matt Smith <matt.smith at uconn.edu
> > <mailto:matt.smith at uconn.edu>> wrote:
> >
> > Scott-
> > Are you looking for CAS clients to support SAML multi-profile
> > support (Artifact, POST, SLO?) for a coordinated roll-out?
> > -Matt
> >
> > On Fri, Oct 17, 2008 at 2:01 PM, Scott Battaglia
> > <scott.battaglia at gmail.com <mailto:scott.battaglia at gmail.com>>
> > wrote:
> > > CAS Client Developers (I'm looking at you phpCAS,
> > mod_auth_cas, etc.),
> > >
> > > If you recently attended the UnConference you're familiar with
> > the fact that
> > > CAS4 will be supporting a few SAML profiles (more details on
> > that later) in
> > > addition to the CAS1 and CAS2 protocols. I've been charged by
> > the steering
> > > committee to construct the finalized CAS4 roadmap based on the
> > existing
> > > vision and roadmap. I'd like to coordinate with the major
> > (and possibly
> > > all) CAS client developers to make sure that the CAS clients
> > are ready for
> > > when CAS4 comes out for those who want to take advantage of
> > the new SAML
> > > features.
> > >
> > > We're currently targeting a Spring '09 release of CAS4.
> > Please let me know
> > > how that correlates to the develop roadmaps for the various
> > CAS clients.
> > >
> > > Thanks!
> > > -Scott
> > >
> > > -Scott Battaglia
> > > PGP Public Key Id: 0x383733AA
> > > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > >
> > > _______________________________________________
> > > cas-dev mailing list
> > > cas-dev at tp.its.yale.edu <mailto:cas-dev at tp.its.yale.edu>
> > > http://tp.its.yale.edu/mailman/listinfo/cas-dev
> > >
> > >
> >
> >
> >
> > --
> > matt at forsetti.com <mailto:matt at forsetti.com>
> > Key ID:D6EEC5B5
> > _______________________________________________
> > cas-dev mailing list
> > cas-dev at tp.its.yale.edu <mailto:cas-dev at tp.its.yale.edu>
> > http://tp.its.yale.edu/mailman/listinfo/cas-dev
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > cas-dev mailing list
> > cas-dev at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
> - --
> Matthew J. Smith
> University of Connecticut ITS
> matt.smith at uconn.edu
> PGP KeyID: 0xE9C5244E
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFI/OTzGP63pOnFJE4RAm4pAJ9V9JIxl9Y3VYmWtd9Z5LumCzzq4gCdFmmO
> QfgcwM6eImGelft+ZivJHik=
> =0dT8
> -----END PGP SIGNATURE-----
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20081020/c527c4e4/attachment.html
More information about the cas-dev
mailing list