[cas-user] Default security loopholes!

Root Wed, 20 May 2020 17:09:09 -0700

Hi All,

As we know the default CAS comes with "casuser" and "Mellon" credentials, 
although it can be removed in build, I just want to summarize if there are 
any other default security settings like these that needs to be taken care 
of?, as the CAS documentation is very scattered!, it would be good if we 
can summarize the default loopholes here.


Also I use these below dependencies, and if anyone come across such 
loopholes let us know.

        compile 
"org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
        compile 
"org.apereo.cas:cas-server-support-jdbc:${project.'cas.version'}"
        compile 
"org.apereo.cas:cas-server-support-saml:${project.'cas.version'}"
        compile 
"org.apereo.cas:cas-server-support-pm-webflow:${project.'cas.version'}"
        compile 
"org.apereo.cas:cas-server-webapp-config-server:${project.'cas.version'}"
        compile 
"org.apereo.cas:cas-server-support-pm-ldap:${project.'cas.version'}"
        compile 
"org.apereo.cas:cas-server-support-captcha:${project.'cas.version'}"


-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/3d378f4b-9bd1-4a53-ad0b-ec2474838452%40apereo.org.

[cas-user] Default security loopholes!

Reply via email to