[CITL] [CAS / Shib Upgrade] - Issue Identified CAS QA - Please review
Süreyya Tuncel
sureyya.tuncel at ucr.edu
Tue Jan 23 17:23:39 PST 2024
Dear colleagues,
It has been reported as part of UAT that applications using Cross-Origin
requests (such as iframe) are not supported in the new version of CAS. We
have been informed of several applications that utilize this. If not
remediated, these will break in production once we upgrade CAS on February
25. We are working with the team that reported the issue.
We strongly recommend that you thoroughly test applications in your
portfolio and identify those that use CORS (Cross-Origin Resource Sharing)
and report any issues to us ASAP. It is best practice to utilize a redirect
for the authentication instead of embedding the CAS login page. We are
happy to work with you on identifying possible remediation paths.
Please feel free to reach out to us if you have any questions or concerns.
Thank you,
*Sureyya Tuncel*
Manager, Identity and Access Management
Information Technology Solutions - Information Security Office
University of California, Riverside
*(* (951) 827-1235| *** sureyya.tuncel at ucr.edu
Web <https://its.ucr.edu/> | Twitter <https://twitter.com/IT4UCR> |
Instagram <https://www.instagram.com/it4ucr/>
Pronouns: she/her <https://www.mypronouns.org/she-her>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ucr.edu/pipermail/citl/attachments/20240123/db01cd65/attachment.html>
More information about the CITL
mailing list