Unicon IAM Update
CAS, Shibboleth, Grouper
09 July 2015
Jonathan Johnson • Misagh Moayyed • David Langenberg
Audio is via Adobe Connect.
There is no phone dial-in.
Welcome to this briefing
• Updates on CAS, Shibboleth and Grouper
• Unicon contributions to CAS, Shibboleth and Grouper
• Unicon's Open Source Support
• Q&A
Misagh Moayyed
• IAM, Shibboleth, CAS, uPortal
• Unicon’s Open Source Support for CAS technical lead
Jonathan (JJ) Johnson
• IAM, Shibboleth, CAS, Grouper
David Langenberg
• Grouper Developer, Internet2
• Shibboleth Trainer, InCommon LLC
• IAM Architect, University of Chicago
Observations and Highlights
Past Events
• Internet2 Global Summit: 26-30 Apr 2015 Washington D.C.
• Educause Security Professionals Conf: 4-6 May Minneapolis, MN
• Open Apereo: 31 May-4 June Baltimore, MD
Upcoming Events
• InCommon Shibboleth Workshop: 17-18 Sept 2015 Cupertino, CA
• Internet2 2015 Technology Exchange: 4-7 Oct 2015 Cleveland, OH
• InCommon Shibboleth Workshop: 19-20 Oct 2015 Arlington, TX
Community Highlights
IAM Trends
• MFA for Shibboleth, MFA for CAS, etc.
  ○ Device/Location aware features
  ○ Risk-based AuthN
• O365/ADFS Integration with CAS/Shibboleth
• Grouper and Provisioning
Highlights About CAS
CAS Server Versions
● CAS Server v3.6.0 / v4.0.2 (12 Jun 2015)
  ■ OAuth/OpenID bug fixes
  ■ Localization and UI improvements
  ■ Protocol URL/Parameter sanitizations
● CAS Server v4.0.3 (early next week)
  ■ Security filter upgrade
  ■ LDAP/LPPE bug fixes
  ■ Localization/UTF-8 improvements
● CAS Server v4.1.0 (In development)
CAS 4.1 – Goodies
https://youtu.be/P_GTXEAt5oU
● JSON Service Registry / RBAC
● Better Management Interface
● SLO/Logo/Logout url per application
● Password/PGT as attributes
● Many more...
CAS Server Security Filter
https://github.com/Jasig/cas-server-security-filter
• Suitable for patching in place deployments that are vulnerable to CAS-protocol-input attacks.
• v2.0.3 released 3-Jul-2015.
CAS NextGen
https://wiki.jasig.org/display/CAS/CAS+4.2+Roadmap
● SAML SP / ADFS Proxy Support
● Better MFA Support
● SSO Sessions Dashboard
● Surrogate AuthN
● More…
Highlights
About Shibboleth
Shibboleth Versions
• Latest versions:
• IdP v3.1.2 (1 Jul 2015)
• SP v2.5.4 (19 Mar 2015)
• New adopters are encouraged to use v3
• Current deployers to explore upgrades
• IdP v2.4.4 was released 25 Feb 2015 to address a security issue; OpenSAML-J was also updated
• IdP v2.4 end of life timeline (assuming you haven’t upgraded):
Shibboleth 2.x Lifetime
Dec 31, 2015 Plan to upgrade
Feb 29, 2016 Done with upgrade
Mar 31, 2016 Really done with upgrade
July 31, 2016 IdP 2.x full EOL
Multi-Context Broker
● Analysis of Shib IdPv3 and MCB: https://wiki.shibboleth.net/confluence/x/EoEEAQ
● Believed to be generally un-needed in IdP v3; waiting for general guidance to be released.
IdP: OpenID Connect
https://github.com/uchicago/shibboleth-oidc
● Community effort to support the OIDC protocol
● Sponsored by University of Chicago
● Developed by Unicon
Highlights
About Grouper
Grouper v2.2.1
http://goo.gl/5LrGAR
• Released 10 Nov 2014.
• 36 patches available (21 since last briefing):
• Selective PSP provisioning
• Better UTF-8 character support
• Lots of bug fixes
http://software.internet2.edu/grouper/release/2.2.1/patches/
Highlights About Unicon
Participation in CAS, Shibboleth and Grouper
Open Source Support
• Support OSS as adopted by the community
• Collaboration with community and subscribers
• “Act in the best interest of the subscribers, the community, and the project”
CAS-related progress
CAS 4.X Enhancements
• JSON Service Registry
• REST API improvements
• SSO Sessions / AUP workflows
• LDAP/LPPE bug fixes
• ...
Other/Ongoing work
• CAS WS-Fed module for CAS 4.0
https://github.com/Unicon/cas-adfs-integration
• Allow a principal to authN as another
https://github.com/UniconLabs/cas-surrogate-principal
• Java CAS client: regex in proxy chains
https://github.com/Jasig/java-cas-client
CAS Addons
3.5.X: https://github.com/Unicon/cas-addons
4.X: https://github.com/unicon-cas-addons
• 3.15 and 3.16 released since last webinar
• 4.x compatible versions are available as individual libraries instead of a monolithic library.
• HazelcastTicketRegistry updated in April.
CAS MFA
https://github.com/Unicon/cas-mfa
• MFA Support based on CAS 3.5/3.6
• CAS proxying/Clearpass support
• Trigger MFA via list/group membership.
Shibboleth-related progress
Shib-CAS AuthN v3
https://github.com/Unicon/shib-cas-authn3
• v3.0.0
• Shibboleth IdP v3.X support
• Fixed encoding on entityId/service parameters.
• v2.0.5 should be used with IdP 2.4.x
Other/Ongoing work
• Hazelcast Session Storage
https://github.com/UniconLabs/shib-hazelcast-storage-service
• Duo Support for IdP v3
https://github.com/Unicon/shib-mfa-duo-auth
• IdP v3 powered by Docker
https://github.com/jtgasper3/docker-shibboleth-idp
Grouper-related progress
Grouper-related
• Grouper Bugs:
  ○ GRP-1137: Group copy issue related to hooks (reported and fixed by devs)
  ○ GRP-1139: Grouper API reports non-fatal issues when multiple hook classes are specified (reported and fixed by Unicon)
• Grouper-Demo for Docker:
https://registry.hub.docker.com/u/unicon/grouper-demo
• Grouper ESB AMQP Publisher
https://github.com/Unicon/grouper-amqp-esb-publisher
Next Steps
What we do
• Collaborate to maintain current stable recommended releases
• Work towards next releases
• Explore extensions and opportunities
• Responsive to inputs from subscriber experiences
• Feedback is especially welcome!
• Learn from providing support
• Empathize with your needs and projects
Questions / Discussion
• Misagh Moayyed,
Support for CAS Technical Lead
mmoayyed@unicon.net
• Jonathan (Jj) Johnson,
jj@unicon.net
• David Langenberg,
dlangenberg@unicon.net

 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 

Unicon July 2015 IAM Briefing

  • 1. Unicon IAM Update CAS, Shibboleth, Grouper 09 July 2015 Jonathan Johnson • Misagh Moayyed • David Langenberg Audio is via Adobe Connect. There is no phone dial-in.
  • 2. Welcome to this briefing • Updates on CAS, Shibboleth and Grouper • Unicon contributions to CAS, Shibboleth and Grouper • Unicon's Open Source Support • Q&A
  • 3. Misagh Moayyed • IAM, Shibboleth, CAS, uPortal • Unicon’s Open Source Support for CAS technical lead
  • 4. Jonathan (JJ) Johnson • IAM, Shibboleth, CAS, Grouper
  • 5. David Langenberg • Grouper Developer, Internet2 • Shibboleth Trainer, InCommon LLC • IAM Architect, University of Chicago
  • 7. • Internet2 Global Summit: 26-30 Apr 2015 Washington D.C. • Educause Security Professionals Conf: 4-6 May Minneapolis, MN • Open Apereo: 31 May-4 June Baltimore, MD Past Events
  • 8. •InCommon Shibboleth Workshop: 17-18 Sept 2015 Cupertino, CA •Internet2 2015 Technology Exchange: 4-7 Oct 2015 Cleveland, OH •InCommon Shibboleth Workshop: 19-20 Oct 2015 Arlington, TX Upcoming Events
  • 10. IAM Trends •MFA for Shibboleth, MFA for CAS, etc ○Device/Location aware features ○Risk-based AuthN •O365/ADFS Integration with CAS/Shibboleth •Grouper and Provisioning
  • 12. CAS Server Versions ●CAS Server v3.6.0 / v4.0.2 (12 Jun 2015) ■OAuth/OpenID bug fixes ■Localization and UI improvements ■Protocol URL/Parameter sanitizations ●CAS Server v4.0.3 (early next week) ■Security filter upgrade ■LDAP/LPPE bug fixes ■Localization/UTF-8 improvements ●CAS Server v4.1.0 (In development)
  • 13. CAS 4.1 – Goodies https://youtu.be/P_GTXEAt5oU ● JSON Service Registry / RBAC ● Better Management Interface ● SLO/Logo/Logout url per application ● Password/PGT as attributes ● Many more...
  • 14. CAS Server Security Filter https://github.com/Jasig/cas-server-security-filter • Suitable for patching in place deployments that are vulnerable to CAS-protocol-input attacks. • v2.0.3 released 3-Jul-2015.
  • 15. CAS NextGen https://wiki.jasig.org/display/CAS/CAS+4.2+Roadmap ●SAML SP / ADFS Proxy Support ●Better MFA Support ●SSO Sessions Dashboard ●Surrogate AuthN ●More…
  • 17. Shibboleth Versions • Latest versions: • IdP v3.1.2 (1 Jul 2015) • SP v2.5.4 (19 Mar 2015) • New adopters are encouraged to use v3 • Current deployers to explore upgrades
  • 18. • IdP v2.4.4 was released 25 Feb 2015, to address security issue; OpenSAML-J was also updated • IdP v2.4 end of life timeline (assuming you haven’t upgraded): Shibboleth 2.x Lifetime: Dec 31, 2015: Plan to upgrade; Feb 29, 2016: Done with upgrade; Mar 31, 2016: Really done with upgrade; July 31, 2016: IdP 2.x full EOL
  • 19. Multi-Context Broker ● Analysis of Shib IdPv3 and MCB: https://wiki.shibboleth.net/confluence/x/EoEEAQ ● Believed to be generally un-needed in IdP v3; waiting for general guidance to be released.
  • 20. IdP: OpenID Connect https://github.com/uchicago/shibboleth-oidc ● Community-effort to support OIDC protocol ● Sponsored by University of Chicago ● Developed by Unicon
  • 22. Grouper v2.2.1 http://goo.gl/5LrGAR • Released 10 Nov 2014. • 36 patches available (21 since last briefing): • Selective PSP provisioning • Better UTF-8 character support • Lots of bug fixes http://software.internet2.edu/grouper/release/2.2.1/patches/
  • 23. Highlights About Unicon Participation in CAS, Shibboleth and Grouper
  • 24. Open Source Support • Support OSS as adopted by the community • Collaboration with community and subscribers • “Act in the best interest of the subscribers, the community, and the project”
  • 26. CAS 4.X Enhancements • JSON Service Registry • Rest API improvements • SSO Sessions / AUP workflows • LDAP/LPPE bug fixes • ...
  • 27. Other/Ongoing work • CAS WS-Fed module for CAS 4.0 https://github.com/Unicon/cas-adfs-integration • Allow a principal to authN as another https://github.com/UniconLabs/cas-surrogate-principal • Java CAS client: regex in proxy chains https://github.com/Jasig/java-cas-client
  • 28. CAS Addons 3.5.X: https://github.com/Unicon/cas-addons 4.X: https://github.com/unicon-cas-addons • 3.15 and 3.16 released since last webinar • 4.x compatible versions are available as individual libraries instead of a monolithic library. • HazelcastTicketRegistry updated in April.
  • 29. CAS MFA https://github.com/Unicon/cas-mfa • MFA Support based on CAS 3.5/3.6 • CAS proxying/Clearpass support • Trigger MFA via list/group membership.
  • 31. Shib-CAS AuthN v3 https://github.com/Unicon/shib-cas-authn3 • v3.0.0 • Shibboleth IdP v3.X support • Fixed encoding on entityId/service parameters. • v2.0.5 should be used with IdP 2.4.x
  • 32. Other/Ongoing work • Hazelcast Session Storage https://github.com/UniconLabs/shib-hazelcast-storage-service • Duo Support for IdP v3 https://github.com/Unicon/shib-mfa-duo-auth • IdP v3 powered by Docker https://github.com/jtgasper3/docker-shibboleth-idp
  • 34. Grouper-related • Grouper Bugs: ○GRP-1137: Group copy issue related to hooks (reported and fixed by devs) ○GRP-1139: Grouper API reports non-fatal issues when multiple hook classes are specified (reported and fixed by Unicon) • Grouper-Demo for Docker: https://registry.hub.docker.com/u/unicon/grouper-demo • Grouper ESB AMQP Publisher https://github.com/Unicon/grouper-amqp-esb-publisher
  • 36. What we do • Collaborate to maintain current stable recommended releases • Work towards next releases • Explore extensions and opportunities • Responsive to inputs from subscriber experiences • Feedback is especially welcome! • Learn from providing support • Empathize with your needs and projects
  • 37. Questions / Discussion • Misagh Moayyed, Support for CAS Technical Lead mmoayyed@unicon.net • Jonathan (Jj) Johnson, jj@unicon.net • David Langenberg, dlangenberg@unicon.net

Editor's notes

  1. Unicon's CAS strategy
     * Participate directly in CAS
     * Develop open source software on behalf of clients
     * Inform maintenance development through support

     You have to source your support somewhere
     * In-house staff
     * Goodwill and engagement of the community
     * Commercial partner (e.g., Unicon)
     * (Reality: often a combination of these)

     Unicon's "Cooperative" Support
     * Cooperates with you, your staff, the community
     * Support experiences yield improved public documentation
     * Support-inspired and subscriber-needs-guided open source maintenance development
       * Directly in and available for adoption with the Jasig CAS software

     Thank you to our support subscribers!
     * Support subscriptions make Unicon maintenance development possible
     * Support experiences and subscriber input guide Unicon maintenance development towards the worthwhile