Central Authentication Service (CAS)
At the University of Saskatchewan, we use CAS to simplify how you access our services—with CAS, you only need to log in once to access all CAS-managed services. This is referred to as single sign-on. For example, if you log in to PAWS, you will be able to access services such as Blackboard or wikis without having to log in again.
Using CAS with Websites/Applications
The Apache CAS Authentication module (mod_auth_cas) is available on www, homepage and several other servers. To use CAS on these servers, you can just edit a .htaccess file on your website. For example:
AuthName "Network Services"
For more information on .htaccess files, please see Supported Programming Languages and Tools - www.
Developers can also install mod_auth_cas on their own servers.
The source code is available from: http://www.jasig.org/cas/client-integration.
Apache mod_auth_cas works well for static websites and applications that rely on the web server to handle authentication.
Applications that handle their own authentication need to be modified to work with CAS. Some applications support CAS out of the box, for others a developer would need to modify the application code and use a CAS client library. Please see http://www.jasig.org/cas/client-integration for more information.
Generally speaking, each CAS application keeps track of sessions separately, which raises the question, when people log out of your application do you also log them out of CAS? If you do, then do you leave them on the CAS logout screen or send them to another page?
With CAS, you can do either, by adding either a 'url=' or 'service='
parameter to the CAS logout call. For example:
If you use 'url=' the link you provide is displayed on the CAS logout page. If you use 'service=' people are redirected instead.