Kuali Financial System 2.2
The Kuali Financial System (KFS) team is working to create a robust financial system designed specifically for the needs of higher education institutions. It is being designed to be modular and flexible such that it will meet the needs of all Carnegie Class institutions.
This release of KFS is the second in a series of planned releases in an effort to provide a richly featured financial system for use by higher education institutions. KFS will meet GASB and FASB standards, enable a strong control environment, and provide a complete financial system free of any software licensing fees.
See a KFS Demonstration at kualitestdrive.org!
Documentation, System Requirements and Release Notes
License Requirements: KFS Software is Licensed under the: Educational Community License Version 1.0
Acknowledgements: A list of third-party contributions is available here:Kuali Third-party Contributors
Security Considerations: The KFS development team recognizes the importance of security. Solutions for authentication, authorization, and encrypting sensitive data have been provided. It will be up to each implementing institution to provide the necessary setup, configuration, and possibly alternative implementations for these important functions.
Backdoor Functionality: KFS 2.2 is delivered with a testing feature that allows users to enter the application via a "backdoor" in order to become different users in different roles. This allows individual users to test the application acting in various roles with varying permissions. In order to disable this feature for your production deployment, you must set the build.environment property to the same as production.environment.code. ("prd" by default)
Authentication: The version of the Central Authentication Service (CAS) shipped with KFS 2.2 currently does not require passwords. Implementing institutions will need to configure CAS to require passwords in order to activate secure authentication to the application.
Authorization: Security within the application is largely based on workgroups (also maintained by the application. All workgroups should be reviewed for appropriate membership. The KFS 2.2 documentation has a list of the shipping workgroups and their uses.
Sensitive Data Encryption: KFS 2.2 uses a Demonstration Encryption Framework to secure and encrypt sensitive data. Implementing institutions will need to decide whether to use the delivered encryption framework (which is fully functional) or another encryption framework of their choosing. A unique key will need to be established as well as the one delivered with the application is readily available.)
User Service: KFS 2.2 is delivered with the Kuali User Service for looking up users and determining authentication credentials, workgroup membership, and authorization permissions. Implementing institutions may choose to plug the Kuali User Service into a centralized source for user data such as an LDAP directory or institutional user service. This is the preferred approach. Otherwise, user data can be created and maintained within KFS as a stand-alone application.
Web Services: KFS 2.2 utilizes Kuali Enterprise Workflow (KEW) for the routing and approval of financial transaction documents and for managing workgroup memberships. Communications between KFS and KEW may happen via Web Services and XML depending on your configuration. By default, KEW runs embedded within KFS and does not perform any web service calls. This is a concern only if you run KEW on a separate server from KFS.
Before downloading, you must acknowledge that you have read and agree to the licensing and implementation requirements sections above.