Simple authentication with CAS

Quick CAS Overview

  • Originally developed at Yale and now an Apereo Foundation project.
  • Has client support for many languages, applications, and servers. These include Ruby, Perl, Java, ASP, PHP, uPortal, Apache, Tomcat, and more.
  • The CAS Protocol emulates the central ideas behind the Kerberos protocol.

Content

CAS Protocol

  • CAS Protocol is based on the Kerberos Protocol
  • It uses basic HTTP GET for requests and responses, optionally POST for the response.
  • CAS responses are in XML
  • CAS can be configured to do Single Sign-On (SSO), or Re-Authentication.

Simple Authentication

  • CAS simple authentication provides Single Sign-On (SSO).
  • CAS redirects browsers visiting applications or services to the CAS server for authentication.
  • Upon return from CAS, the application or service must validate the browser data presented.
  • Applications take the ticket that is presented by the browser and then asks the CAS server if the ticket is indeed valid for the service URL on which it arrived. CAS responds with an XML response as show in the following diagram:

Additional Information