CAS

  • Upgrade to Spring Security 6.x and Jakarta EE 9 (thanks to @basil).
  • Compatibility with Jenkins 2.476 and higher (requires Java 17).
  • Incompatibility with Jenkins 2.475 and lower, please make sure to upgrade CAS plugin and Jenkins together.

Installation options

Installation options
  • Added explicit dependency on JAXB plugin (JENKINS-68455).

Installation options

Installation options
  • Added option to customize validation URL parameters in advanced protocol configuration.
  • Allow using {{attribute}} placeholders in Full Name and Email Attribute configuration (e.g. {{firstName}} {{lastName}} or {{uid}}@example.com).
  • Fixed handling of empty attributes.

Installation options
  • Compatibility with Jenkins 2.266 and higher (replacement of Acegi Security with Spring Security, see JEP-227).
  • Incompatibility with Jenkins 2.265 and lower (for the reason above), please make sure to upgrade CAS plugin and Jenkins together.
  • Added support for CAS 3.0 JSON protocol format.
  • Added option to control redirection to CAS after logging out of Jenkins.

Installation options

Installation options

Installation options
  • Fixed NullPointerException in SessionUrlAuthenticationSuccessHandler, that could occur when coming back from CAS on some servlet containers (JENKINS-46993).
  • Fixed NullPointerException in Cas10Protocol, when using an empty Groovy role parsing script (JENKINS-45441).

Installation options
  • Fixed security issues related to Groovy script execution in CAS Protocol 1.0 configuration (SECURITY-488, see 2017-04-10 security advisory).

Installation options
Installation options
Installation options
Installation options
Installation options
Installation options
Installation options