We're hoping to do a final release in time for the JA-SIG conference at the end of June. At a minimum, the release with be in RC, just with testing left to complete.
Single Log Out is scheduled to be included in the release. Each TicketGrantingTicket will store with it the services that a user has been logged into using that TGT. When a TGT is explicitly expired it will log the user out of the services. This is done over HTTP via a POST call using the SAML2 LogoutRequest (though it doesn't follow the profile). If you have a need for explicit auditing and statistics, you should probably store them separate than what is stored with the TGT. TGT's expire and are removed from the registry and are not guaranteed to persist. If you merely wish/need to know who is currently logged in, that can be done via checking the tickets in the registry. More explicit statistics (IP address, etc.) would need to be a feature added by you. Its possible to accomplish as there are new extension points related to Services and extracting them from the web tier. -Scott On 5/14/07, Bill Bailey <[EMAIL PROTECTED]> wrote:
Hello, I know I have seen it mentioned on this list, but since dates are always subject to change, I wanted to ask the question again. What is the expected release date for CAS 3.1 production? Will this version include single sign-off as was originally planned? If so, can you describe what this will look like? In particular, we have a need to know who is signed on via CAS to which applications at any given time. I am wondering if a) CAS will maintain an in-memory (or persistent) registry of who has logged into which applications, when they logged in, when they log out, etc. and b) if there will be a way to access this information from other applications (e.g. via a web service call) and c) whether there will be extension points one could use to augment this information (e.g. we need to do an IP-based lookup to add information about the country, state/region, city, lat, long, etc. from which the user is logged in). Basically, I am trying to evaluate whether I can wait on CAS 3.1 or proceed with customizing CAS 3.0.7 to meet our needs, which would include a custom single sign-off solution plus any extensions to meet the above requirements. Any input would be appreciated. Thanks in advance. Bill Bailey Senior Developer / DBA Northland, A Church Distributed _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
-- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
