Possible action required for website application owners to prepare for CAS changes on December 8

November 10, 2022

Summary

  • This information only applies to those individuals who have configured a web application to use CAS or Shibboleth.
  • Yale ITS will add an authorization component to our Central Authentication Service (CAS) on Thursday, December 8.
  • This component will allow application owners to set and define the level of access for their applications or use a default rule, as explained in the details section.
  • No outage is expected.

Details

Individuals who do not manage website applications may ignore this message.

A default rule will only allow access to anyone who has an active record in one of the authoritative sources (e.g., Banner, Workday, Sponsored Identity).

If your application requires a more refined population or control, you will have the means to make changes via a ServiceNow request to Identity and Access Management (IAM).

Possible action required

Determine your application access:

We understand that most services that use the default global service registry will not be impacted by the default authorization rule.
Applications that use a SAML Shibboleth integration will not be affected; CAS has a default Shibboleth service registry configured, which will prevent the implementation of this default authorization rule. If unsure if your application uses a SAML Shibboleth integration, please submit an inquiry to IAM, including the name and website link to your application.

Service owners who feel that their service may not be satisfied with the use of the default authorization rule should engage with IAM using the ServiceNow CAS Registration Form intake process:  CAS Registration Form.

Need help?

  • Individuals with ITIL access to ServiceNow may view additional details about the CAS Authorization or the ServiceNow request (others may contact the ITS Help Desk with specific questions).
  • For additional assistance completing the ServiceNow request, please request IAM assistance.
Service Quality