CAS (Central Authentication Service)

Overview

CAS is a system that provides SSO, mainly for web applications. It consists of two components: the CAS server and the CAS client. The CAS server authenticates users against a user database and provides this information to the clients. The CAS client is inserted in front of a web application to make sure that only authenticated users have access. The client is available for many platforms, such as PHP and Perl.

The following picture shows how SSO with CAS works:

[Figure: SSO with CAS, steps (1) to (8)]

Client Configuration

Building a simple web application using a CAS client consisting of a servlet filter:

Deployment Descriptor:

 

JSP Page:

<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
  <body>
    Hi 
    <c:out value="${sessionScope['edu.yale.its.tp.cas.client.filter.user']}"/>!
  </body>
</html>
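
A deployment descriptor for the servlet filter could look like the following. This is an added example, not the descriptor from the original page: it assumes the Yale CAS client 2.x `CASFilter`, whose session attribute the JSP above reads, and a CAS server reachable at `https://madagaskar/cas` (host name and HTTPS port taken from the server configuration on this page). The application host `app.example.org` and the `/*` mapping are placeholders.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: WEB-INF/web.xml of the protected web application. -->
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
                             http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
         version="2.4">

  <filter>
    <filter-name>CAS Filter</filter-name>
    <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>

    <!-- Browsers without a valid session are redirected here to log in. -->
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
      <param-value>https://madagaskar/cas/login</param-value>
    </init-param>

    <!-- The filter calls this URL itself to validate the service ticket.
         Keep it on HTTPS so the validation response cannot be altered
         in transit. -->
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
      <param-value>https://madagaskar/cas/serviceValidate</param-value>
    </init-param>

    <!-- Fixed host name (placeholder) used to build the service URL, so
         the value does not depend on the Host header of the request. -->
    <init-param>
      <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
      <param-value>app.example.org</param-value>
    </init-param>
  </filter>

  <!-- Assumed mapping: protect every URL of the application. A narrower
       pattern leaves all other paths unauthenticated. -->
  <filter-mapping>
    <filter-name>CAS Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
</web-app>
```

Because ticket validation is an HTTPS call from the application to the CAS server, the JVM running the application has to trust the CAS server's certificate.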

Server Configuration

Tomcat

 

Hostname: madagaskar
HTTP Port: 80
HTTPS Port: 443

LDAP-Server

 

Hostname: zanzibar
Port: 10389
Search Base: o=sevenSeas
Attribute with user name: uid
Anonymous Bind: allowed

Configuration of the connection to the ApacheDS Server (<tomcat_home>/webapps/cas/WEB-INF/deployerConfigContext.xml):

 

Resources
