CAS upgrades

Alex Kauchak

unread,

Jan 20, 2026, 10:16:26 AMJan 20

to CAS Community

Hello, my team has been tasked with upgrading CAS to version 7.3. We are currently on 6.6. We are less familiar with upgrading CAS, and I don't believe anyone on my current team is familiar with upgrading to a new major version. Is it safe to upgrade directly to 7.3, or is it better to upgrade on each minor version(i.e 6.6->7.0->7.1->7.2->7.3)? We are familiar with application framework upgrades that require us to jump to each minor version, which is why I'm asking. Thank you.

Alex Kauchak

Application Developer III

Miami University

AJ

unread,

Jan 20, 2026, 11:03:59 AMJan 20

to cas-...@apereo.org

When we went from 6.x to 7.x, there were quite a few config file changes we had to make. Do you have a test system?

I don't see a reason you cannot jump from 6.6 to 7.3 directly. That's what I would do. Feel free to contact me off list and I can help you out if you need it.

AJ at Mindcrash.com

From: 'Alex Kauchak' via CAS Community <cas-...@apereo.org>
Sent: Tuesday, January 20, 2026 9:57 AM
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] CAS upgrades

--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/09241d67-400a-485d-a8d6-45e317f3416an%40apereo.org.

Alex Kauchak

unread,

Jan 20, 2026, 12:50:15 PMJan 20

to CAS Community, AJ

Alright, thank you for your answer. Yes, we have a test system. I'll email you some questions directly if we run into any hard snags.

Pablo Vidaurri

unread,

Jan 23, 2026, 1:25:08 PMJan 23

to CAS Community, Alex Kauchak, AJ

Going thru this and here are my notes of what I had to do so far. We have a custom login flow to run business logic after authentication but before TGT is created.

CAS 7 requires JDK 21, so if you are using JDK 17 or lower and you have any custom code such for example but not limited to these imports:

- `javax.persistence.*` → `jakarta.persistence.*`
- `javax.servlet.*` → `jakarta.servlet.*`
- `javax.validation.*` → `jakarta.validation.*`
- `javax.annotation.*` → `jakarta.annotation.*`
- `javax.transaction.*` → `jakarta.transaction.*`
- `javax.inject.*` → `jakarta.inject.*`

Verify these properties are updated if you updating your existing instance versus starting from scratch with 7.x

- **gradle.properties**: `sourceCompatibility=21`, `targetCompatibility=21`
- **.java-version**: `21.0`
- **system.properties**: `java.runtime.version=21`
- **Spring Boot**: Version 3.5.6 (compatible with JDK 21)
- **CAS**: Version 7.3.1 (compatible with JDK 21)

If you have any custom Thymeleaf views, you may need to adust too to conform to their restriction of using request object.

Migrate any custom classes from spring.factories to org.springframework.boot.autoconfigure.AutoConfiguration.imports

If you are connecting to a db for your custom code, you may also need to redefine or create a transaction mananger.