> ---begin brief-ish list---
>
> 1.) What were the key factors in your decision to use CAS?
A. Java-based Web application fit well in our environment (Apache
+Tomcat).
B. Supports diverse clients (PHP, Apache modules, IIS modules, .NET).
C. Easily extensible.
>
> 2.) How many services are using CAS?
About a dozen with a current growth rate of about 1 new service every
2-3 months.
> 3.) Are you aware of anyone planning to deploy CAS who has changed
> course or has decided to replaced it?
No
>
> 4.) What authentication db are you using?
OpenLDAP. We have discussed authenticating against multiple back ends
in the future including AD.
> 5.) How many active users does it contain?
>140K
>
> 6.) Were any modifications to CAS required for use in your
> environment?
A. Implemented single sign-out via browser callbacks.
B. Developed "authorized services" feature so only approved services may
use CAS. ("Native" solutions to both these needs should be available in
CAS 3.1.)
>
> 7.) What was your deployment experience like?
Straightforward
> -Approx. time for deployment of central infrastructure?
6 months, which included development and testing of CAS extensions.
> -Approx. time per service for deployment?
Average time is about 1 week or less, including paperwork and service
registration.
> -Approx. FTEs for deployment of central infrastructure?
1.5
> -Approx. FTEs per service?
Depends on size/scope of service. Ranges from several (SCT Banner) to <
1 for small department services.
>
> 8.) What has been your experience with ongoing support and
> maintenance?
CAS requires little of either.
> -Approx. FTEs for maintenance of central infrastructure?
1
> -Approx. FTEs for maintenance per service?
Depends on size/scope of service.
>
> 9.) What mechanisms do you use for authorization on your campus?
Many services make authorization decisions based on LDAP affiliations.
We are planning a large-scale LDAP authorization groups rollout in the
near future. We plan to return affiliation and group membership data in
CAS response via SAML within a year.
>
> 11.) Were any technologies or systems particularly hard or easy to
> integrate with CAS?
We created some back doors into SCT Banner via PL/SQL that required more
work than usual. Integration with PHP applications is wonderfully
simple.
>
> 12.) Have you been able to adapt CAS use for any vendor applications
> and, if so, how many (and/or which)?
SCT Banner, SciQuest HigherMarkets.
>
> 13.) In your environment, is CAS used for application-to-application
> authentication and in particular for multi-tier applications/systems?
No.
>
> 14.) Have you integrated CAS with Apache servers that serve content
> other than JSP apps?
Yes.
>
> 15.) POST data support: How have you dealt with web applications that
> need to authenticate via CAS on http POST transactions?
No.
>
> 16.) What sort of average and peak load does your authentication
> service experience?
We haven't had any load problems and have not taken the time to measure.
(CAS seemed to hold up well even under the extraordinary load caused by
April 16 events.)
>
> 17.) What has been your experience with the performance of CAS?
Excellent. It's _by far_ the most worry-free application our group
manages.
>
> 18.) How many servers are you currently using to run CAS at your
> institution?
2 load balanced in hot spare configuration.
>
> 19.) What server hardware are you using?
Dell 2650 4GB 2x2.40GHz Xeon
>
> 20.) Does your central authentication system protect:
> -Financial data?
> -Student records?
> -data protected by HIPPA?
> -data protected by FERPA?
Yes, all of them.
>
> 21.) We’re also interested in your experience with the CAS community.
> More specifically, has the CAS community met your expectations in the
> following areas?
> -support
Support is great. Browse through the list archives to see for yourself
the extent to which community members help out problem posters.
> -feature requests
I've had very positive experiences requesting features and seeing bug
reports resolved.
> -contributions
Contributions seem to be carefully screened for code quality,
consistency with the roadmap, and community need.
> ---end list---
Hope that helps,
Marvin Addison
--
Application Developer
Middleware Services
Virginia Tech
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
