...
- Enterprise level single sign on for the web
- A trusted source
A proxy authenticator
Excerpt hidden true CAS is:
- Enterprise level single sign on for the web
- A trusted source
- A proxy authenticator
...
CAS was initially created by Yale University, and has since become a
...
Jasig project codeveloped
...
with Yale and Rutgers
...
universities. The main CAS web site can be found at https:
...
...
...
...
CAS was initially created by Yale University, and has since become a
...
Jasig project codeveloped
...
with Yale and Rutgers
...
universities. The main CAS web site can be found
...
at https:
...
...
...
CAS in action
Panel | ||
---|---|---|
| ||
The end user at the web browser visits the web application. She follows a link or the web application redirects to CAS. So the web application accesses the CAS login URL, presenting the service URL [IETMT:S]. The user interacts with CAS until she convinces it of her identity (e.g., presents a session cookie or posts her username and password into a form). CAS establishes, if not yet established, a secure cookie [IETMT:C] so that CAS can recognize the user on a subsequent request. CAS redirects the user to the web application service URL (S) with the service ticket [IETMT:T] on the URL as the request parameter "ticket". The web application presents the ticket [IETMT:T] to CAS alongside the service identifier [IETMT:S]. CAS responds with the [IETMT:NetID] in the validation response. The application reads this NetID and does whatever it needs to do to establish an application session, service the request. |
...
The following links provide more information about CAS:
httphttps://www.ja-sigapereo.org/productsprojects/cas/overview/cas2_architecture/index.html - Provides an overview of the CAS 2 Architecure, upon which CAS 3 is based. http://www.ja-sig.org/products/cas/overview/protocol/index.html - The CAS Protocol Specification http://www.ja-sig.org/products/cas/overview/proxy_auth/index.html - A description of the CAS Proxy Authentication schemeabout-cas