• Browse
  • Pages
  • News
  • Labels
  • Attachments
  • Mail
  • Advanced

  • People Directory
• Log In

1. Dashboard
2. > CAS User Manual
3. > Navigation
4. > Security Policy

• Log In

Security Policy

Added by Marvin Addison, last edited by Marvin Addison on Jul 10, 2009

Table of Contents Home Overall Architecture Building and Deploying Development Introduction Java Versions Releasing Spring Configuration Technical Overview Upgrading Authentication Active Directory Generic JAAS JDBC LDAP Legacy RADIUS SPNEGO Trusted X.509 Certificates Authentication Managers Default AuthenticationManager Direct Mapping AuthenticationManager Security Policy Ticket Expiration Policy Remember Me Throttling Login Attempts TicketRegistry BerkleyDB Default JBOSS TreeCache JDBCTicketRegistry JpaTicketRegistry MemcacheTicketRegistry TicketRegistry Cleaner Testing Apache JMeter Nagios plugins Protocols Add Your Custom Protocol Applications that Require POST Responses CAS OpenID RESTful API SAML 1.1 SAML 2.0 (Google Accounts Integration) Single Sign Out Advanced Features Adding "Public Workstation" vs. "Private Workstation" Timeouts Auditing and Statistics Via Inspektr Internationalization LDAP Password Policy Enforcement Localization Second-Level CAS Server Terracotta Use Javascript Redirection Tutorials and HOWTOs Best Practice - Setting Up CAS Locally using the Maven2 WAR Overlay Method CAS on Windows Quick Setup Guide Clustering CAS Demo Deploying CAS 3.0.x in RHEL 5 with Sun Java HOWTO Configure CAS for LDAP DIGEST-MD5 HOWTO Configure JBoss for HTTPS HOWTO Configure Single Sign On Session Timeout HOWTO Run Canoo Web Tests HOWTO Setup Dual Authentication in CAS - SSL Client Auth and LDAP HOWTO Setup LDAP GSSAPI+Kerberos Authentication in CAS HOWTO Switch to Sun JVM in RHEL Shibboleth-CAS Integration Troubleshooting Logging SSL Troubleshooting and Reference Guide Services Management Adding Attributes Configuring Deleting Editing Extensions ClearPass

Ticket expiration policy is the primary configuration point for CAS security policy. Although there are many other aspects of security policy that can impact overall security policy of an SSO solution, e.g. password expiration, most of those are outside the scope of CAS configuration. Password expiration is probably the most requested security policy feature of CAS on the cas-user list, and there have been some attempts to provide extension to CAS for this feature. LDAP Password Policy Enforcement is one such solution. Ticket Expiration Policy — CAS supports a pluggable and extensible policy framework to control the expiration policy of ticket-granting tickets (TGT) and service tickets (ST). Remember Me — Starting with CAS 3.2.1, CAS has support for long term Ticket Granting Tickets, a feature referred to as "Remember Me." Throttling Login Attempts

Labels parameters

Labels

Enter labels to add to this page:

 

Looking for a label? Just start typing.

Children (3)

  Hide Children  |  View in Hierarchy

Ticket Expiration Policy
Remember Me
Throttling Login Attempts

Powered by a free Atlassian Confluence Open Source Project License granted to Java Architectures Special Interest Group. Evaluate Confluence today.

• Powered by Atlassian Confluence 2.9, the Enterprise Wiki.
• Printed by Atlassian Confluence 2.9, the Enterprise Wiki.
• Bug/feature request –
• Atlassian news –
• Contact administrators