Learn from the perspectives of our industry experts in our series of blog posts.
Check back for new posts on the latest in select open source projects.
Latest Blog Postings
A quick post to publicly share the slides for today's Cooperative Support for CAS Update briefing.
Part of a series on reviewing CAS configuration, this post discusses failed login attempt throttling in CAS.
Adopters should consider whether and which throttling configured how would be appropriate for their CAS implementation.
This is a post about one of the quickest and most important things to check in reviewing CAS configuration: ensure that the demo password handler has been turned off. This post is one of a series on reviewing CAS configuration.
I was helping with a CAS upgrade to CAS 3.5.1 the other day, in the course of which I reviewed the configuration. This blog post begins a series of posts about items in that and other CAS configuration reviews.
These posts won’t be the full report, and will be redacted to anonymize and generalize some of the recommendations.
Why do configuration reviews?
Reviewing CAS server configuration
In which I discuss Unicon-involving progress on Jasig CAS in the last quarter, and a bit about CAS more generally.
Back to school is a harrowing time for almost anyone involved in delivering technology-based services in education. At this time of the year, Unicon often receives calls from business or IT leaders desperate for additional help in resolving a technology-related crisis. Unicon staff has extensive experience resolving application, performance, and infrastructure-related incidents. We have distilled a set of best practices for managing through high risk/high visibility IT incidents.
In which I summarize recent Unicon participation in and contributions to the Jasig CAS open source Java single sign-on product project, for a rather long meaning of “recent”.
So, attached is a quick dirty script I wrote to see if I can connect to an Apache Tomcat instance over HTTPS. This may be useful in the context of a CAS server deployment where ticket validation may fail as a result of an SSL certificate being absent or misconfigured in the keystore.
Using the script, you can validate that HTTPS is enabled and functional quickly without going though Tomcat's startup/shutdown process. Simply change the URL address, recompile and test.