Hi, It looks like we have a good meeting agenda now. Though, I just see Misagh's reply and we talk to each other almost every month at the CAS AppSec Working Group meetings, so I'd like to know if other committers would be available for a conf call or if we should fallback to some discussions on this mailing list. Thanks. Best regards, Jérôme
2014-05-21 19:13 GMT+02:00 Jérôme LELEU <[email protected]>: > Hi, > > I would be interested in: > - front channel SLO > - OAuth server support (new grant types) > - LOA > > Best regards, > Jérôme > > > > 2014-05-20 21:56 GMT+02:00 Misagh Moayyed <[email protected]>: > >> I looked around on Jira to see if I can find any interesting candidates >> that would fit the scope. Most documented issues are rather small in scope >> and we should be able to knock out some as usual, but for the big picture, >> here are a few features and improvements I would like to throw in for >> discussion: >> >> >> >> - Service based authentication (which is also listed at >> Jerome’s link) >> >> - A refactor/redesign of TGT expiration policies (work almost >> done there as an extension for now) >> >> - Management app facelist and support for oauth >> >> - Thinking about dropping the uber-webapp module, and perhaps >> jboss cache? >> >> - SWF session storage at the client side (pending pull; >> working with Marvin to prep a maven dependency) >> >> - JSON service registry? >> >> >> >> *From:* Jérôme LELEU [mailto:[email protected]] >> *Sent:* Tuesday, May 20, 2014 6:53 AM >> *To:* [email protected] >> *Subject:* Re: [cas-dev] CAS 4.1.0 >> >> >> >> Sure. For information, the upgrade is already in progress for the Java >> CAS client... >> >> >> >> 2014-05-20 11:30 GMT+02:00 Stefan Paetow <[email protected]>: >> >> Seconded. >> >> >> >> And while you’re at it, get the various distributions to update theirs >> also. >> >> >> >> Stefan >> >> >> >> >> >> *From:* Ganesh and Sashi Prasad [mailto:[email protected]] >> *Sent:* 19 May 2014 22:06 >> *To:* [email protected] >> *Subject:* Re: [cas-dev] CAS 4.1.0 >> >> >> >> I think the highest priority would be to release the CAS Client versions >> compatible with CAS 4.0 (mod_auth_cas and CAS Client for Java). >> >> >> >> Regards, >> >> Ganesh >> >> >> >> On 19 May 2014 20:31, Jérôme LELEU <[email protected]> wrote: >> >> Hi, >> >> >> >> CAS 4.0 has been released and I'm almost done with the tasks on the Jasig >> web site. >> >> >> >> So it's time to think about the future (I like to say that ;-). Maybe we >> could organize some conf call to talk about the next features we want to >> work on? >> >> >> >> At our last AppSec Working Group conf call, we tried to prioritize what >> we could expect from a security point of view. >> >> From: >> https://wiki.jasig.org/display/CAS/Proposals+to+mitigate+security+risks, >> we highlighted: >> >> -- global secure flag to enable HTTP on service / proxy (SEC_2b / SEC_1) >> >> - SEC_4 + SEC_5 >> >> - SEC_7 + SEC_9 >> >> - SEC_10. >> >> >> >> This is of course some starting point for a discussion. >> >> >> >> I'm looking forward to your feedbacks. >> >> >> >> Thanks. >> >> Best regards, >> >> Jérôme >> >> >> >> -- >> >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >> >> >> >> >> >> -- >> >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >> >> Janet(UK) is a trading name of Jisc Collections and Janet Limited, a >> >> not-for-profit company which is registered in England under No. 2881024 >> >> and whose Registered Office is at Lumen House, Library Avenue, >> >> Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238 >> >> -- >> >> You are currently subscribed to [email protected] as: [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >> >> >> >> >> >> -- >> >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >> >> -- >> You are currently subscribed to [email protected] as: [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >> >> > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
