Hi, There is a security issue with the CAS client on which is based the CAS support for Shiro (https://lists.wisc.edu/read/messages?id=33836937).
The solution is to update the jar to version 3.2.2. The following JIRA has been created with the appropriate patch: https://issues.apache.org/jira/browse/SHIRO-518. It should be applied to the 1.2.x branch and the trunk. It would be great to have a new version 1.2.4 fixing this problem. Thanks. Best regards, Jérôme -- View this message in context: http://shiro-developer.582600.n2.nabble.com/Security-update-tp7578464.html Sent from the Shiro Developer mailing list archive at Nabble.com.
