Table of Contents
CAS allows a virtual organization to express policy regarding resources distributed across a number of sites. A CAS server issues assertions to the virtual organization users, granting them fine-grained access rights to resources. Servers recognize and enforce the assertions. CAS is designed to be extensible to multiple services and is currently supported by the GridFTP server.
![]() | Note |
---|---|
There currently is no support for CAS-based authorization for web services. |
Features new in GT 4.0
- None
Other Supported Features
- File-level access control for GridFTP
- Issuance of SAML authorization decisions
Deprecated Features
- None
The transport security (HTTPS) mechanism is now assumed as the default security mechanism. CAS service clients will now automatically use this mechanism and will fall back to GSI Secure Message if pointed at an HTTP endpoint.
- Bug 2261: poor default PostgreSQL hostname
- Bug 2262: Make CAS RPs publicly accessible for MDS purposes.
- Bug 2488: Wrong permission on cas-wrap
- Bug 2546: CAS and RFT install overlapping jars
- Bug 2568: incorrect command in "GT 3.9.4 CAS: System Administrator'...
- Bug 2650: Lots of probably unnecessary WARNs at startup
- Bug 2913: cas-proxy-init does not work
- Bug 2918: cas-proxy-init doesn't work in gt3.9.5
- Bug 2944: CAS does not work if just one database connection is available to server
- Bug 3052: CAS enroll does not work
- Bug 3074: Issues with cas-group-admin command
- Bug 3096: Non existent files in filelist
The CAS service depends on the following GT components:
- WS Authentication and Authorization
- Java WS Core
The CAS GridFTP authorization module depends on the following GT components:
- Pre-WS Authentication and Authorization
The CAS service depends on the following 3rd party software:
- OpenSAML
The CAS GridFTP authorization module depends on the following 3rd party software:
- libxml
Tested Platforms for CAS
- Windows XP
- Linux (Red Hat 7.3)
Tested Containers for CAS
- Java WS Core container
- Tomcat 5.0.30
Protocol changes in CAS since GT 3.2
- There is no backward compatibility with 3.2 because of the port from OGSI to WSRF.
API changes since GT 3.2
- None
Exception changes since GT 3.2
- None
Schema changes since GT 3.2
- WSDL reflects the port to WSRF from OGSI.
Click here for more information about this component.