Hi All, As we know the default CAS comes with "casuser" and "Mellon" credentials, although it can be removed in build, I just want to summarize if there are any other default security settings like these that needs to be taken care of?, as the CAS documentation is very scattered!, it would be good if we can summarize the default loopholes here.
Also I use these below dependencies, and if anyone come across such loopholes let us know. compile "org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}" compile "org.apereo.cas:cas-server-support-jdbc:${project.'cas.version'}" compile "org.apereo.cas:cas-server-support-saml:${project.'cas.version'}" compile "org.apereo.cas:cas-server-support-pm-webflow:${project.'cas.version'}" compile "org.apereo.cas:cas-server-webapp-config-server:${project.'cas.version'}" compile "org.apereo.cas:cas-server-support-pm-ldap:${project.'cas.version'}" compile "org.apereo.cas:cas-server-support-captcha:${project.'cas.version'}" -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3d378f4b-9bd1-4a53-ad0b-ec2474838452%40apereo.org.