Please turn JavaScript on
Fawnoos icon

Fawnoos

Receive updates from Fawnoos for free, starting right now.

We can deliver them by email, via your phone or you can read them from a personalised news page on follow.it.

This way you won't miss any new article from Fawnoos. Unsubscribe at any time.

Site title: Fawnoos || Open-Source Digital Identity and Access Management Consulting Services

Is this your feed? Claim it!

Publisher:  Unclaimed!
Message frequency:  0.3 / day

Message History

SAML2 metadata has always contained more than certificates and endpoints. It can also describe how a service provider expects to interact with an identity provider. Apereo CAS now understands several well-known entity attributes that allow metadata to control response signing, assertion encryption, authentication context selection (including MFA), and even attribute renaming....


Read full story

Managing many SAML2 service provider registrations individually quickly becomes tedious and difficult to maintain. Apereo CAS supports using an entire directory of SAML2 metadata as the source of truth, allowing service providers to be discovered dynamically without creating one registered service per metadata file. Simply drop new metadata into the directory and let CAS do t...


Read full story

There are many ways to test your Apereo CAS deployment. Configuration, components, endpoints, ticket validity, protocol flows, etc. But at some point, after all the unit tests are green and the integration tests are smiling politely, you might still wonder: Can an actual user using a real browser really log in? Apereo CAS Gradle overlays attempt to assist with this q...


Read full story

In the context of OpenID Connect, client secrets (though a discouraged security practice) are useful and usually boring until you lose one, accidentally commit one to GitHub, or somehow leave it inside a shell history file, etc. In OpenID Connect, confidential clients commonly authenticate to the token endpoint using a client secret. That secret may be passed using client_sec...


Read full story

Apereo CAS has used Gradle as its main primary build tool for a long time now, and given the size and complexity of the project and its architectural composure, the build has sort of developed its own personality. Small projects that only carry a few modules and Gradle tasks with some shared covensions and dependency management magic are typically quite fine. Over time and as...


Read full story