Official Docs can be found here
- Postgres
- Apache DBCP2 (Database Connection Pooling v2)
- Multi-Factor Authentication
- Time-based One Time Passwords (TOTP), e.g. Google Authenticator
- MongoDB authentication backend
- Customized login web flow prompts
- Login, Logout, One Time Password, Verification Key
- OAuth Application Approval
- Login from external form
Roadmap 4.1 OAuth Server Support
- Profile Service specific Attribute Release
- Access Tokens and Refresh Tokens
- Encrypted JSON Web Tokens (JWT)
- Delegated Ticket Expiration (60 minutes for Access Token, never-expire Refresh Token)
- Grant Types
- Authorization Code
- Refresh Token
- Approval Prompt (Auto or Force)
- Revoke Tokens
- User Tokens
- User Application Token
- Application Tokens
- List User Authorized Applications
- Metadata
- Application Service Information (including number of users)
- Login Session Access Token via augmented CAS 3 Protocol (Optional)
- Merging Service Registry Loader
- JSON Service Registry
- Open Science Framework Service Registry (MongoDB & OAuth)
- Startup Server Command
mvn -pl cas-server-webapp/ jetty:run
- Optimized for fast builds
- Request Throttling
- Jetty JPA Shared Sessions
- Open Science Framework
- OAuth Endpoints
- Revoke All User Tokens
- Application User Counts
- User
- Active Login Sessions
- Approved OAuth Applications
- Revoke OAuth Application
- OAuth Endpoints