On 1/30/12 12:29 PM, Andrew Petro wrote:
Jason,
Our code isn't currently publicly visible in source form, but that could be
changed if it would help.
Yes, that would help. The first step to making code available as open source
software is to make code available as open source software. :)
It's not the last step, but it's a great initial step for allowing CAS adopters
to get interested and excited about this functionality and to engage with it.
I'll look forward to seeing the code and engaging further in understanding what
this brings to CAS.
Great! I'm now working towards putting the code up on github so you can
review it, submit issues as needed, and you can see how we address
them. Will that work for you?
I need to hear back from legal to make sure we have the right notices
everywhere. In particular, because it's a SBIR funded project, I believe
we have an obligation to include a SBIR data rights notice. We have
planned to open source this all along and BSD3 is our go-to open source
license here at Galois. BSD3 looks like the default license for JA-SIG
too: http://www.jasig.org/cas/license
While I was getting things ready for github I realized that we have a
lot of integration tests that we can't easily share with you just
because they make a lot of assumptions about our internal setup. If you
have your own servers for integration tests we can talk about
translating our integration tests.
I will also include the cas-config that we've been distributing as an
example for the trial deployments. The interesting thing to note there
is that we had to pull the login-webflow from CAS and modify it in the
WAR in order to inject some of our classes. We keep wondering if there
is a better way to do that. Here is the commit log for context:
Added verbatim copies of CAS configuration files from CAS v3.4.10
Obtained via download from github. For example:
$ wget
https://raw.github.com/Jasig/cas/v3.4.10/cas-server-webapp/src/main/webapp/WEB-INF/login-webflow.xml
These files were added in order to allow us to customize the
authentication mechanisms. In particular this was added as part of
adding support for X.509 client certificate authentication, which is
currently necessary in order to use attributes from VOMS.
create mode 100644
grid2-vo/cas-config/src/main/webapp/WEB-INF/cas-servlet.xml
create mode 100644
grid2-vo/cas-config/src/main/webapp/WEB-INF/login-webflow.xml
Thanks,
Jason
I've copied our SBIR data rights notice below just in case you are
curious about it, but I think it really just applies to the "government":
Acknowledgement
This material is based upon work supported by the Department of
Energy under
Award Number DE-SC0002076
Disclaimer
This report was prepared as an account of work sponsored by an
agency of the
United States Government. Neither the United States Government
nor any agency
thereof, nor any of their employees, makes any warranty, express
or implied, or
assumes any legal liability or responsibility for the accuracy,
completeness,
or usefulness of any information, apparatus, product, or process
disclosed, or
represents that its use would not infringe privately owned
rights. Reference
herein to any specific commercial product, process, or service by
trade name,
trademark, manufacturer, or otherwise does not necessarily
constitute or imply
its endorsement, recommendation, or favoring by the United States
Government or
any agency thereof. The views and opinions of authors expressed
herein do not
necessarily state or reflect those of the United States
Government or any
agency thereof.
SBIR/STTR Rights Notice
These SBIR/STTR data are furnished with SBIR/STTR rights under
Grant No.
DE-SC0002076. For a period of four (4) years after acceptance of
all items to
be delivered under this grant, the Government agrees to use these
data for
Government purposes only, and they shall not be disclosed outside the
Government (including disclosure for procurement purposes) during
such period
without permission of the grantee, except that, subject to the
foregoing use
and disclosure prohibitions, such data may be disclosed for use
by support
contractors. After the aforesaid four-year period, the Government
has a
royalty-free license to use, and to authorize others to use on
its behalf,
these data for Government purpose, but is relieved of all disclosure
prohibitions and assumes no liability for unauthorized use of
these data by
third parties. This Notice shall be affixed to any reproductions
of these data
in whole or in part.
--
You are currently subscribed to cas-dev@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
