Hi, CAS 4.0 has been released and I'm almost done with the tasks on the Jasig web site.
So it's time to think about the future (I like to say that ;-). Maybe we could organize some conf call to talk about the next features we want to work on? At our last AppSec Working Group conf call, we tried to prioritize what we could expect from a security point of view. From: https://wiki.jasig.org/display/CAS/Proposals+to+mitigate+security+risks, we highlighted: -- global secure flag to enable HTTP on service / proxy (SEC_2b / SEC_1) - SEC_4 + SEC_5 - SEC_7 + SEC_9 - SEC_10. This is of course some starting point for a discussion. I'm looking forward to your feedbacks. Thanks. Best regards, Jérôme -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
