I am keeping track of proposals here: https://wiki.jasig.org/display/CAS/CAS+4.1+Roadmap+DRAFT
Feel free to add/remove/clarify. From: J??r??me LELEU [mailto:lel...@gmail.com] Sent: Thursday, May 29, 2014 11:34 PM To: cas-dev@lists.jasig.org Subject: Re: [cas-dev] CAS 4.1.0 Hi, It looks like we have a good meeting agenda now. Though, I just see Misagh's reply and we talk to each other almost every month at the CAS AppSec Working Group meetings, so I'd like to know if other committers would be available for a conf call or if we should fallback to some discussions on this mailing list. Thanks. Best regards, J??r??me 2014-05-21 19:13 GMT+02:00 J??r??me LELEU <lel...@gmail.com>: Hi, I would be interested in: - front channel SLO - OAuth server support (new grant types) - LOA Best regards, J??r??me 2014-05-20 21:56 GMT+02:00 Misagh Moayyed <mmoay...@unicon.net>: I looked around on Jira to see if I can find any interesting candidates that would fit the scope. Most documented issues are rather small in scope and we should be able to knock out some as usual, but for the big picture, here are a few features and improvements I would like to throw in for discussion: - Service based authentication (which is also listed at Jerome???s link) - A refactor/redesign of TGT expiration policies (work almost done there as an extension for now) - Management app facelist and support for oauth - Thinking about dropping the uber-webapp module, and perhaps jboss cache? - SWF session storage at the client side (pending pull; working with Marvin to prep a maven dependency) - JSON service registry? From: J??r??me LELEU [mailto:lel...@gmail.com] Sent: Tuesday, May 20, 2014 6:53 AM To: cas-dev@lists.jasig.org Subject: Re: [cas-dev] CAS 4.1.0 Sure. For information, the upgrade is already in progress for the Java CAS client... 2014-05-20 11:30 GMT+02:00 Stefan Paetow <stefan.pae...@ja.net>: Seconded. And while you???re at it, get the various distributions to update theirs also. Stefan From: Ganesh and Sashi Prasad [mailto:g.c.pra...@gmail.com] Sent: 19 May 2014 22:06 To: cas-dev@lists.jasig.org Subject: Re: [cas-dev] CAS 4.1.0 I think the highest priority would be to release the CAS Client versions compatible with CAS 4.0 (mod_auth_cas and CAS Client for Java). Regards, Ganesh On 19 May 2014 20:31, J??r??me LELEU <lel...@gmail.com> wrote: Hi, CAS 4.0 has been released and I'm almost done with the tasks on the Jasig web site. So it's time to think about the future (I like to say that ;-). Maybe we could organize some conf call to talk about the next features we want to work on? At our last AppSec Working Group conf call, we tried to prioritize what we could expect from a security point of view. From: https://wiki.jasig.org/display/CAS/Proposals+to+mitigate+security+risks, we highlighted: -- global secure flag to enable HTTP on service / proxy (SEC_2b / SEC_1) - SEC_4 + SEC_5 - SEC_7 + SEC_9 - SEC_10. This is of course some starting point for a discussion. I'm looking forward to your feedbacks. Thanks. Best regards, J??r??me -- You are currently subscribed to cas-dev@lists.jasig.org as: g.c.pra...@gmail.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: stefan.pae...@ja.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238 -- You are currently subscribed to cas-dev@lists.jasig.org as: lel...@gmail.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: mmoay...@unicon.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: lel...@gmail.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: mmoay...@unicon.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
