Blog from May, 2008

CAS Status and Roadmap
Brian Donnelly posted on May 28, 2008

CAS Status

A recent 24 hour load test of the single server configuration generated 2 million successful authentications at an average rate of 22.6 authentications per second. This far exceeds the performance of Distauth under peak load.

Given the stability of the current CAS service, the robust load test results and the single point of failure associated with Distauth, IET would like to begin promoting the migration of campus applications to CAS after June 19th, 2008. While the service is open for anyone to use, we have a few items on the CAS roadmap that we would like to accomplish prior to broad campus adoption, which we feel can be accomplished by June 19th (primarily to reduce support loads).

CAS Roadmap

  • June 19th
    • A web server/OS compatibility matrix (Complete)
    • A standard feature set for all CAS clients (Complete)
    • Instructions for implementation and use (Complete)
    • A CAS Service Registry (Complete)
  • End of Summer
    • Clustered Configuration for High Availability (IET's practice is to deploy enterprise level services in multi-server pools or clusters to ensure the highest possible uptime). At this time, the DEV clustered environment does not provide the same authentication rate as a single server configuration.
    • Restrict CAS authentication services to those applications registered in the CAS Service Registry
    • Open test environment to the campus technical community

If you have any questions regarding the status of CAS in the future, please contact Hampton Sublett, Middleware Program Manager at hsublett@ucdavis.edu. If you have technical questions, please contact Brian Donnelly, lead CAS developer, at: bdonnelly@ucdavis.edu

CAS Upgrades
Brian Donnelly posted on May 22, 2008
  • New CAS Skin - A new skin for CAS was released on November 15th. This skin was developed in conjunction with University Communications and contains accessibility and usability enhancements. Please click on the thumbnail to view a screenshot of the new skin.
  • CAS 3.1 Upgrade - CAS was upgraded to version 3.1 on November 15th. This revision includes service enhancements, bug fixes and a number of new features:
    • Single Sign Out: CAS 3.1 provides a new feature, tracking service authentications with a callback mechanism to remove authentication credentials from each authenticated service on user logout. Currently only the JA-SIG Java Client incorporates support for this new functionality. Operators of CAS clients who do not need to take advantage of Single Sign Out functionality can continue to use their existing clients.
    • Google Applications: As part of the new SAML framework in CAS, a Google Applications authenticator has been implemented in CAS. This authenticator will be used in the upcoming Gmail pilot project.
    • Service Management: (Not currently in use) The CAS Service Management interface allows CAS administrators to manage what services may authenticate to CAS, and what authentication features are available for each service.