CAS 6.0.0 RC3 Feature Release

This post is not official yet and may be heavily edited as CAS development makes progress. Watch for further updates.
The blog is managed and hosted on GitHub. If you wish to update the contents of this post or if you have found an inaccuracy and wish to make corrections, we recommend that you please submit a pull request to this repository.

The official CAS 5.3.0 GA was released on June 29th, 2018. Since then, the project has been moving forward with development of the next feature release that is tagged as 6.0.0. Note that this is a major release of the CAS software which may present significant changes in architecture, configuration or behavior. Please review the release policy to learn more about the scope of the release.

This post intends to highlight some of the improvements and enhancements packed into the third release candidate in the 6.0.0 series.

You can read about the previous release candidate here.

Shake Well Before Use

We strongly recommend that you take advantage of the release candidates as they come out. Waiting for a GA release is only going to set you up for unpleasant surprises. A GA is simply a tag and nothing more. Note that CAS releases are strictly time-based releases; they are not scheduled or based on specific benchmarks, statistics or completion of features. To gain confidence in a particular release, it is strongly recommended that you start early by experimenting with release candidates and/or follow-up snapshots.

In order to start experimenting with release candidates, at any given time, you should be able to append -SNAPSHOT to the CAS version specified in order to take advantage of snapshot builds as changes are made and published.


In the of the overlay, adjust the following setting:



New & Noteworthy

CouchDb Support

Extensive CouchDb support is now provided by CAS to handle storage concerns when it comes to authentication, audit and throttling, multifactor authentication, and more.

SAML2 IdP Single Logout

Basic functionality is now included to have CAS submit SAML2 logout requests to service providers, who currently have a registered session record with CAS.

Small Stuff

  • Delegated authentication is improved to execute the authentication step only once.
  • Service access strategy SAML2 service providers and other service types can now handle the unauthorizedRedirectUrl setting.
  • Radius authentication now attempts to also submit the client IP address to the radius server.
  • Small fixes to the SAML2 callback url pattern.
  • CAS internal Gradle build should continue working against IDEA 2018.3 EAP.
  • SAML2 responses can optionally include a NameID for SubjectConfirmation blocks, on a per-service basis.
  • The background job responsible for cleaning trusted expired MFA records is now scheduled correctly on startup.

Library Upgrades

  • Spring
  • Spring Boot
  • Spring Boot Admin
  • Hazelcast
  • Jackson
  • Mockito
  • Spotbugs
  • Person Directory
  • Pac4j
  • Spring Data
  • Spring Cloud
  • Amazon SDK
  • Micrometer
  • UnboundID
  • Twilio
  • Nexmo
  • Spring Security
  • Google Maps


Get Involved


Big thanks to all who participate in the development of this release to submit patches and contribute improvements. Keep’em coming!

Misagh Moayyed

Related Posts

CAS 6.0.0 RC2 Feature Release which I present an overview of CAS 6.0.0 RC2 release.

Apereo CAS - dotCMS SAML2 Integration

Learn how to integrate dotCMS, a Content Management System and Headless CMS, with Apereo CAS running as a SAML2 identity provider.

Effective Software Troubleshooting Tactics

A collection of what hopefully are obvious troubleshooting tactics when it comes to diagnosing software deployment issues and configuration problems.

Apereo CAS - MaxMind Geo2IP ISP Integration

Learn how you may determine the Internet Service Provider, organization name, and autonomous system organization and number associated with the user's IP address in CAS using MaxMind services and present warnings in the authentication flow for the end-user if an IP address is matched.

Notes from Better by Design 2018

Be interested in humans and human success.

Apereo CAS - Authentication Lifecycle Phases

Tap into the Apereo CAS authentication engine from outside, and design extensions that prevent an unsuccessful authentication attempt or warn the user after-the-fact based on specific policies of your choosing.

CAS 6.0.0 RC1 Feature Release which I present an overview of CAS 6.0.0 RC1 release.

Apereo CAS Delegated Authentication with ADFS

Learn how your Apereo CAS deployment may be configured to delegate authentication to Microsoft ADFS.

Apereo CAS Swag with Swagger

Enable Swagger integration with your Apereo CAS APIs.

Get Productive with Shell Aliases

A collection of useful shell aliases, gathered over the years to help increase one's productivity and developer happiness.