On Tue, Apr 16, 2013 at 9:32 AM, William G. Thompson, Jr. <[email protected]>wrote:
> Team, > > Unicon has already implemented MFA in CAS for a few clients and we > were just awarded a contract to build a modular extension to the CAS > Server to support multi-factor, and levels of assurance along the > lines of the vision articulated in > https://wiki.jasig.org/display/CAS/Level+Of+Assurance+-+Head+document > > This project requires that the resulting CAS server customizations be > released as free and open source software for adoption with and in CAS > (i.e. as cas-addons or the Jasig distribution). We intend to engage > with the community throughout the implementation. > > This project provides a real world deployment scenario to build upon > the authN API work that Marvin has completed thus far. So I think > this is good news for CAS 4.1/5.0 in that we can be assured that the > work to date on authN API, MFA, and LOA will yield deployable code > even though it didn't ship with 4.0. > > In terms of "big features" for 4.0, I think we've made substantial > progress along a number of paths that lead to a more supple, > extensible and elegant CAS server that is a joy to install, configure > and run[1]. > > * Externalizing SAML as an optional support > * Upgrades to all dependancies > * OAuth support improvements > * Externalized Services Management Webapp > * A bunch of security related improvements including encrypting > clearpass cache by default > * Many other improvements. > I don't see anything here that merits a major release. What's the problem with pushing the release date so the authN API features can be included in 4.0? --Daniel Fisher -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
