GT4 CAS Release Notes

Table of Contents

1. Component Overview
2. Feature Summary
3. Changes Summary
3.1. Transport security is used by default
4. Internationalization
5. Bug Fixes
6. Known Problems
7. Technology Dependencies
8. Tested Platforms
9. Backward Compatibility Summary
10. For More Information

1. Component Overview

CAS allows a virtual organization to express policy regarding resources distributed across a number of sites. A CAS server issues assertions to the virtual organization users, granting them fine-grained access rights to resources. Servers recognize and enforce the assertions. CAS is designed to be extensible to multiple services and is currently supported by the GridFTP server.

[Note]Note

There currently is no support for CAS-based authorization for web services.

2. Feature Summary

Features new in GT 4.0

  • None

Other Supported Features

  • File-level access control for GridFTP
  • Issuance of SAML authorization decisions

Deprecated Features

  • None

3. Changes Summary

3.1. Transport security is used by default

The transport security (HTTPS) mechanism is now assumed as the default security mechanism. CAS service clients will now automatically use this mechanism and will fall back to GSI Secure Message if pointed at an HTTP endpoint.

4. Internationalization

The CAS service code has been internationalized.

5. Bug Fixes

  • Bug 2261: poor default PostgreSQL hostname
  • Bug 2262: Make CAS RPs publicly accessible for MDS purposes.
  • Bug 2488: Wrong permission on cas-wrap
  • Bug 2546: CAS and RFT install overlapping jars
  • Bug 2568: incorrect command in "GT 3.9.4 CAS: System Administrator'...
  • Bug 2650: Lots of probably unnecessary WARNs at startup
  • Bug 2913: cas-proxy-init does not work
  • Bug 2918: cas-proxy-init doesn't work in gt3.9.5
  • Bug 2944: CAS does not work if just one database connection is available to server
  • Bug 3052: CAS enroll does not work
  • Bug 3074: Issues with cas-group-admin command
  • Bug 3096: Non existent files in filelist

6. Known Problems

7. Technology Dependencies

The CAS service depends on the following GT components:

  • WS Authentication and Authorization
  • Java WS Core

The CAS GridFTP authorization module depends on the following GT components:

  • Pre-WS Authentication and Authorization

The CAS service depends on the following 3rd party software:

  • OpenSAML

The CAS GridFTP authorization module depends on the following 3rd party software:

  • libxml

8. Tested Platforms

Tested Platforms for CAS

  • Windows XP
  • Linux (Red Hat 7.3)

Tested Containers for CAS

  • Java WS Core container
  • Tomcat 5.0.30

9. Backward Compatibility Summary

Protocol changes in CAS since GT 3.2

  • There is no backward compatibility with 3.2 because of the port from OGSI to WSRF.

API changes since GT 3.2

  • None

Exception changes since GT 3.2

  • None

Schema changes since GT 3.2

  • WSDL reflects the port to WSRF from OGSI.

10. For More Information

Click here for more information about this component.