diff --git a/NOTICE b/NOTICE
index 1011bab..cde5123 100644
--- a/NOTICE
+++ b/NOTICE
@@ -39,6 +39,7 @@ This project includes:
Jasig CAS Client for Java - SAML Protocol Support under Apache License Version 2.0
Jasig CAS Client for Java - Tomcat 6.x Integration under Apache License Version 2.0
Jasig CAS Client for Java - Tomcat 7.x Integration under Apache License Version 2.0
+ Jasig CAS Client for Java - Tomcat 8.x Integration under Apache License Version 2.0
Java Servlet API under CDDL + GPLv2 with classpath exception
JavaBeans Activation Framework (JAF) under Common Development and Distribution License (CDDL) v1.0
JavaMail API under Common Development and Distribution License (CDDL) v1.0
diff --git a/README.md b/README.md
index 29c66b7..637cfd3 100644
--- a/README.md
+++ b/README.md
@@ -102,6 +102,15 @@ files in the modules (`cas-client-integration-jboss` and `cas-client-support-dis
```
+- Tomcat 8 is provided by this dependency:
+
+```xml
+
+ org.jasig.cas
+ cas-client-integration-tomcat-v8
+ ${java.cas.client.version}
+
+```
## Configuration
@@ -821,27 +830,27 @@ If you have any trouble, you can enable the log of cas in `jboss-logging.xml` by
```
-
-## Tomcat 6/7 Integration
+
+## Tomcat 6/7/8 Integration
The client supports container-based CAS authentication and authorization support for the Tomcat servlet container.
Suppose a single Tomcat container hosts multiple Web applications with similar authentication and authorization needs. Prior to Tomcat container support, each application would require a similar configuration of CAS servlet filters and authorization configuration in the `web.xml` servlet descriptor. Using the new container-based authentication/authorization feature, a single CAS configuration can be applied to the container and leveraged by all Web applications hosted by the container.
-CAS authentication support for Tomcat is based on the Tomcat-specific Realm component. The Realm component has a fairly broad surface area and RealmBase is provided as a convenient superclass for custom implementations; the CAS realm implementations derive from `RealmBase`. Unfortunately RealmBase and related components have proven to change over both major and minor number releases, which requires version-specific CAS components for integration. We have provided two packages with similar components with the hope of supporting all 6.x and 7.x versions. **No support for 5.x is provided.**
+CAS authentication support for Tomcat is based on the Tomcat-specific Realm component. The Realm component has a fairly broad surface area and RealmBase is provided as a convenient superclass for custom implementations; the CAS realm implementations derive from `RealmBase`. Unfortunately RealmBase and related components have proven to change over both major and minor number releases, which requires version-specific CAS components for integration. We have provided 3 packages with similar components with the hope of supporting all 6.x, 7.x and 8.x versions. **No support for 5.x is provided.**
### Component Overview
-In the following discussion of components, only the Tomcat 6.x components are mentioned. The Tomcat 7.0.x components have exactly the same name, but **are in the tomcat.v7 package**, e.g. `org.jasig.cas.client.tomcat.v7.Cas20CasAuthenticator`.
+In the following discussion of components, only the Tomcat 8.x components are mentioned. The Tomcat 7.0.x and 6.0.x components have exactly the same name, but **are in the tomcat.v7 and tomcat.v6 packages**, e.g. `org.jasig.cas.client.tomcat.v7.Cas20CasAuthenticator` or `org.jasig.cas.client.tomcat.v6.Cas20CasAuthenticator`.
#### Authenticators
Authenticators are responsible for performing CAS authentication using a particular protocol. All protocols supported by the Jasig Java CAS client are supported: CAS 1.0, CAS 2.0, and SAML 1.1. The following components provide protocol-specific support:
```
-org.jasig.cas.client.tomcat.v6.Cas10CasAuthenticator
-org.jasig.cas.client.tomcat.v6.Cas20CasAuthenticator
-org.jasig.cas.client.tomcat.v6.Cas20ProxyCasAuthenticator
-org.jasig.cas.client.tomcat.v6.Saml11Authenticator
+org.jasig.cas.client.tomcat.v8.Cas10CasAuthenticator
+org.jasig.cas.client.tomcat.v8.Cas20CasAuthenticator
+org.jasig.cas.client.tomcat.v8.Cas20ProxyCasAuthenticator
+org.jasig.cas.client.tomcat.v8.Saml11Authenticator
```
@@ -849,8 +858,8 @@ org.jasig.cas.client.tomcat.v6.Saml11Authenticator
In terms of CAS configuration, Tomcat realms serve as containers for users and role definitions. The roles defined in a Tomcat realm may be referenced in the web.xml servlet descriptor to define authorization constraints on Web applications hosted by the container. Two sources of user/role data are supported:
```
-org.jasig.cas.client.tomcat.v6.PropertiesCasRealm
-org.jasig.cas.client.tomcat.v6.AssertionCasRealm
+org.jasig.cas.client.tomcat.v8.PropertiesCasRealm
+org.jasig.cas.client.tomcat.v8.AssertionCasRealm
```
`PropertiesCasRealm` uses a Java properties file as a source of static user/role information. This component is conceptually similar to the `MemoryRealm` component that ships with Tomcat and defines user/role data via XML configuration. The PropertiesCasRealm is different in that it explicitly lacks support for passwords, which have no use with CAS.
@@ -865,15 +874,15 @@ A number of Tomcat valves are provided to handle functionality outside Realms an
Logout valves provide a way of destroying the CAS authentication state bound to the container for a particular user/session; the destruction of authenticated state is synonymous with logout for the container and its hosted applications. (Note this does not destroy the CAS SSO session.) The implementations provide various strategies to map a URI onto the state-destroying logout function.
```
-org.jasig.cas.client.tomcat.v6.StaticUriLogoutValve
-org.jasig.cas.client.tomcat.v6.RegexUriLogoutValve
+org.jasig.cas.client.tomcat.v8.StaticUriLogoutValve
+org.jasig.cas.client.tomcat.v8.RegexUriLogoutValve
```
##### SingleSignOutValve
-The `org.jasig.cas.client.tomcat.v6.SingleSignOutValve` allows the container to participate in CAS single sign-out. In particular this valve handles the SAML LogoutRequest message sent from the CAS server that is delivered when the CAS SSO session ends.
+The `org.jasig.cas.client.tomcat.v8.SingleSignOutValve` allows the container to participate in CAS single sign-out. In particular this valve handles the SAML LogoutRequest message sent from the CAS server that is delivered when the CAS SSO session ends.
##### ProxyCallbackValve
-The `org.jasig.cas.client.tomcat.v6.ProxyCallbackValve` provides a handler for watching request URIs for requests that contain a proxy callback request in support of the CAS 2.0 protocol proxy feature.
+The `org.jasig.cas.client.tomcat.v8.ProxyCallbackValve` provides a handler for watching request URIs for requests that contain a proxy callback request in support of the CAS 2.0 protocol proxy feature.
### Container Setup
@@ -903,11 +912,11 @@ Alternatively, CAS configuration can be applied to individual Web applications t
This example also configures the container for CAS single sign-out.
-->
@@ -926,11 +935,11 @@ Alternatively, CAS configuration can be applied to individual Web applications t
-->
@@ -948,11 +957,11 @@ The following example shows how to configure a Context for dynamic role data pro
The attribute used for role data is "memberOf".
-->
diff --git a/cas-client-integration-tomcat-v8/NOTICE b/cas-client-integration-tomcat-v8/NOTICE
index f5ce3c0..4348c0c 100644
--- a/cas-client-integration-tomcat-v8/NOTICE
+++ b/cas-client-integration-tomcat-v8/NOTICE
@@ -19,7 +19,7 @@ This project includes:
Jasig CAS Client for Java - Common Tomcat Integration Support under Apache License Version 2.0
Jasig CAS Client for Java - Core under Apache License Version 2.0
Jasig CAS Client for Java - SAML Protocol Support under Apache License Version 2.0
- Jasig CAS Client for Java - Tomcat 7.x Integration under Apache License Version 2.0
+ Jasig CAS Client for Java - Tomcat 8.x Integration under Apache License Version 2.0
Java Servlet API under CDDL + GPLv2 with classpath exception
JCL 1.1.1 implemented over SLF4J under MIT License
Joda-Time under Apache 2