> The replies from here and elsewhere were generally of the type:
> We already used CAS so wanted to keep a consistent look and feel
> You can CASify more apps than you can shibbolise
> CAS gives you a customisable login form (I think the responder missed
> that Tomcat does too)
To which I would add that I have been told that CAS is supposed to have
SPNEGO support (but anecdotal evidence is that IE's fallback from SPNEGO to
username/password is ugly). OTOH you lose some of the more advanced
capabilities that SAML2 brings you if you layer Shib behind CAS.
No matter what my belief (and bear in mind that I come from the R&D, rather
than the deployment side of the house) is that the only reason to put CAS or
Pubcookie in the frame is because it is there already.