Late 2019 Software Community Health Metrics - CAS

Central Authentication Service (CAS)

Status: Graduated Incubation

Changes to Background and Objectives:

  • Apereo membership fees for organizations that subscribe to the CAS project have increased. Given increased project activity and adoption, the project has opted for a more tiered structure to help sustain and improve development and support.
  • CAS is also seeking additional funding from institutions who have deployed, used and benefited from project as free and open-source software also care about its long-term sustainability. Additional funding allows the CAS project to begin considering extra services and features for members; such as early notification of security announcements and details, modest yet dedicated support channels, LTS releases, certifications, etc.

New Technology/ies since last report:
Yubico open-source Java libraries, to be used to support FIDO2/WebAuthN features for passwordless authentication.

Statistics:

Date of First Release Date of Last Release Number of Releases
February 4, 2019 December 29, 2019 29

 

Commits in 2019 Frequency of Commits
1785 Daily

 

Number of Contributors in 2019
100+

 

Number of sites in use (estimated)
10K+ (based on shodan.io)

 

Context:

  • Merge commits where excluded in the above statistics.
  • Majority of contributors are first-time contributors to the project.

 

2019 CAS Highlights:

  • Support for Okta and azure active directory authentication
  • SAML2 identity provider discovery support
  • Password history tracking/audits
  • Redis authentication support
  • Support for trusted devices w/ U2F/FIDO
  • Multifactor provider UI selections
  • Acceptto MFA integration
  • JDK 12/13 binary compatibility
  • Streamlined Dockerized deployments with jib
  • Apache Cassandra support to manage service definitions
  • Git support to manage service definitions
  • Support for OpenID Connect Webfinger

 

Future Plans:

  • FIDO2/WebAuthN
  • Enhancements to SAML2 Metadata Aggregates/InCommon
  • OpenID Connect certifications
  • Binary-compatibility with JDK 14 and above.
  • Better support/documentation for Kubernetes

 

List and link to repositories and downloads:

https://github.com/apereo/cas
https://apereo.github.io/cas

Commercial Support:
Cirrus Identitiy
Tirasa
Unicon