Jasig CAS Roadmap Scott Battaglia Rutgers, the State University of New Jersey

Who Am I? Software Rutgers University Lead, Jasig Central Authentication Service Chair, Jasig CAS Steering Committee Lead, Jasig OpenRegistry Part of the Jasig Running Club!

What is CAS? JA-SIG CAS is an enterprise-level single sign on service for the Web

What is CAS? A trusted intermediary Proxy Authenticator

History VersionRelease DateNotable Features 3.0.xJune 2005Major re-architecture over Yale CAS xAugust 2007Improved support for distributed CAS servers, other protocols, and “non-interactive” login, Single Log Out. 3.2.xMarch 2008Major library upgrades and bug fixes 3.3.xAugust 2008RESTful API, Memcached, Terracotta Support 3.4.xMarch 2010

Recent Progress CAS (November 2009) Additional Throttling Methods Minor Library Upgrades Improved Dependency Management Improved Logging Expired Tickets trigger logout Improved Error Messages

Recent Progress CAS 3.4 (March 2010) Upgrade to Spring 3.0.1, Spring Web Flow 2.0.8, Spring Security Updates to Inspektr library Switch to Perf4j with additional statistics Experimental Mobile Theme Validation API Distributed Ticket Registry Cleaner

Recent Impacts CAS 3.4 Upgraders: Changes to the Spring Web Flow Updates to how Maven2 WAR Overlay should be used Changes to Inspektr configuration

What We Promised CAS 4 would be out already and the most magical piece of software ever written. REALITY: CAS4 isn’t out. It is quite magical though.

CAS 3.5 Revamped Data Storage More Easily Extensible Modularization Factories More “native” New methods for distribution Support for additional features Updates to Domain Model Rename to be non-CAS protocol specific Encapsulate more the logic Easier Configuration

CAS 3.5 Reconfiguration of existing storage mechanisms (in- memory are mostly shielded) New APIs for future developers to code to Fractured community understanding of common concepts

CAS 3.6 Services Management Tools Self-Registration Tool (Wizard/Workflow) Support for Additional Protocols Separation from Main CAS application Enhanced ability for updates Easier to scale CAS Server Opportunities for tool to grow separately Distribution Opportunities for tool

CAS 3.6 Possible conversion to new database structure Separate configuration for tool Dependency of CAS server on external tool (+/-)

CAS 3.7 Major changes to CentralAuthenticationService and AuthenticationManager to support additional use cases: Message passing to user Better throttling CAPTCHA Password management integration Updated UI Reflect new use cases and recent UI trends Advanced use cases including session id switching

CAS 3.7 Interface impact should be minimal in terms of user changes Could result in major UI changes for deployers

CAS 3.8 Monitoring Expose state information via JMX May include design patterns such as “Circuit Breaker” Expose statistics not only via web UI, but also via JMX Add support hooks, where appropriate, for tools such as Nagios

CAS 3.8 As this becomes more formalized, minor “experimental” statistics, etc. may go away and be replaced.

CAS 3.9 OpenID 2 Support OpenID Authentication 2.0 OpenID Attribute Exchange 1.0 OpenID Provider Authentication Policy Extension 1.0

CAS 4.0 SAML 2 Support Web SSO Profiles ECP Profile Assertion Query/Request Profile Delegation Profile* Single Logout

CAS 4.x and Beyond Additional SAML2 Profiles Additional Up-and-Coming Integration InfoCard Facebook Connect

Other CAS Projects ClearPass Extension Jasig CAS Client for Java Mod_auth_cas phpCAS Jasig CAS Client for.NET

Track Our Progress Jasig Wiki Jasig Issue Tracker Jasig Source Repository Jasig CAS Web Site CAS Mailing Lists See it all at

Conclusion Lots of changes coming up! Stay tuned to the CAS lists to keep up to date Share your use cases and knowledge with the development team!