Hi, I finally proposed to develop SEC_3 : https://issues.jasig.org/browse/CAS-1355 for CAS 4.0 :https://github.com/Jasig/cas/pull/318 and CAS 3.5.3 :https://github.com/Jasig/cas/pull/319.
Hope it gets some agreement... Best regards, Jérôme On Tuesday, September 3, 2013 9:05:36 PM UTC+2, Jérôme LELEU wrote: > > Hi, > > As some of you may already know, a CAS AppSec Working Group has been > created to work on CAS security : > https://wiki.jasig.org/display/CAS/CAS+AppSec+Working+Group. > > We have spent time analysing and discussing potential threats. So we are > now at the point where we have listed security proposals to improve CAS > security : > https://wiki.jasig.org/display/CAS/Proposals+to+mitigate+security+risks. > > I'm looking forward to your feedbacks. > > I'd like to draw attention also on the fact that : > - I'm willing to implement these proposals if an agreement is reached > through this thread > - proposals which are easy and backward compatible can be implemented > quickly for version 4.0. > > Thanks. > Best regards, > Jérôme > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > cas-dev-garchive-84...@googlegroups.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
