When it comes to deploying a highly available CAS server, one of the chief concerns is to choose a technology that is capable of sharing CAS-generated tickets across multiple server nodes. The task of managing and administering CAS tickets is handled today by a Ticket Registry component that is backed by a variety of technologies able to persist, manage, and distribute ticket objects across the entire CAS cluster.
Latest Blog Posts
midPoint is a comprehensive Identity Governance and Administration (IGA) platform, used by organizations around the world to deal with Identity Provisioning, Identity Governance and Compliance, along with Access Management. As for the identity being a security perimeter, midPoint keeps an organization’s internal network and external resources safe.
The most important features of midPoint are:
The Apereo Foundation has announced the official GA release of CAS 5. This is a major release which is packed with a lot of new features and enhancements, some of which are described here:
Configuration management and setup has been simplified extensively, thanks to the Spring Boot and Spring Cloud projects.The auto-configuration strategy of CAS features is as follows:
IntelliJ IDEA is a Java development tool that comes in two editions: a community edition that can freely be downloaded and used, and an ultimate edition with more advanced features and integration support with a variety of popular programming platforms and frameworks. I have been using IDEA since v12 and although admittedly, the transition was not so comfortable, I have come to enjoy the new environment quite a bit. I have noticed that my productivity has increased and I no longer have to fight with the tool to debug and/or deploy the code.
So, attached is a quick dirty script I wrote to see if I can connect to an Apache Tomcat instance over HTTPS. This may be useful in the context of a CAS server deployment where ticket validation may fail as a result of an SSL certificate being absent or misconfigured in the keystore.
Using the script, you can validate that HTTPS is enabled and functional quickly without going though Tomcat's startup/shutdown process. Simply change the URL address, recompile and test.
If you, like me, are going through a Shibboleth IdP install on a Windows 7 machine, after having configured all the necessary elements you may encounter an Apache Tomcat error that complains it can't bind on port 443.
To diagnose the problem, I ran:
netstat -o -n -a
The output revealed that the process listening on port 443 is has the system id 4, which Task Manager further explained was "NT Kernel & System".
Featured Blogger Misagh
Misagh Moayyed is a software engineer at Unicon Inc., focusing on Identity and Access Management solutions. After graduating with a degree in Applied Computer Science and German Linguistics from Arizona State University, Misagh moved to Sweden to continue with his Master's degree in Software Engineering at Blekinge Institute of Technology, from which he graduated in 2012 and has published his thesis on experimental evaluation of test driven development. Projects in which Misagh has been involved include the Central Authentication Service (CAS) and uPortal.