- Expired tickets will not trigger global logout when removed (note, this only works for registries that use the TicketRegistry Cleaners)
- Improved messages for SAML ticket validation failures
- All service authorization failures are logged at WARN level
- Upgrade to JBoss Cache 2.2.1.GA
- new AuthenticationManager that maps AuthenticationHandlers and CredentialsToPrincipalResolvers such that a successful authentication handler triggers a specific CredentialsToPrincipalResolver (sponsored by Pepperdine University)
- Upgrade to XMLSec 1.4.3
- Improved m2Eclipse support
- Upgrade to Spring Web Flow 1.0.6
- Customizable attribute can be used for Google Apps login
- Upgrade to Spring 2.5.6.SEC01
- Removed whitespace from SAML responses
- Fixed that misconfigured TicketExpirationPolicies can cause stack overflow errors.
- Enhancements to failed login attempt throttling (addition of Inspektr-backed version, in-memory IpAddress+NetId version) (sponsored by Unicon's CAS Cooperative Support Program)
The release is available in the Jasig Maven2 Repositories under the groupId org.jasig.cas
