Versions Compared

Old Version 33

changes.mady.by.user Amit Poddar

Saved on

compared with

New Version Current

changes.mady.by.user Amit Poddar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

  • Browser is redirected to the CAS login page for authentication. This step would not be impacted, since all popular browsers already support TLS 1.2+.

  • On successful authentication, the server makes a call back to the CAS for validating the ticket. This could be impacted with SSL handshake errors if the application platform does not support, or is not configured to support TLS 1.2+

Please note that this change will only impact applications that authenticate against CAS directly. The applications that integrate with Shibboleth over SAML will not be impacted. The IAM team will make sure that Shibboleth integration with CAS keeps working after this change.

How can I make sure that my application works after this change?

We will be making the change on the test CAS (https://secure-tst.its.yale.edu/cas) on 21st January. Please point your test environment to test CAS and make sure if it works as expected. If you encounter SSL handshake errors, then you will have to delve deeper to figure out if you need to upgrade the application technology stack to support TLS 1.2+ or just need configuration changes.

...