CAS for Deployers

CAS for deployers.

This Wiki page and its child pages are intended for development of polished, conversational CAS documentation along the lines of what is available in the DocBook documentation of such projects as Hibernate and Spring.

Wiki is being used for initial author convenience. Wiki may or may not be the ideal end format of this documentation.

Introduction

Introduction

What is and why is CAS? Abstractly, what is CAS trying to accomplish? The broad architecture of the service.

Using CAS

Deploying

Where to get CAS. The fact that CAS is free and opensource. How to configure SSL so that you can try out your deployed CAS.

CASifying your first application

Making a JSP page use CAS for authentication using the CASFilter. The CAS user experience.

Introduction to Customizing CAS

Skinning and branding CAS. Plugging in an authentication handler specific to your institution's authentication strategy.

Proxy Tickets

Using CAS with uPortal. And of course proxy tickets are useful even outside of portals.

CAS Clients

Acegi, PhPCas, CAS perl modules, oh my! The rich array of available CAS clients. Features of the CAS protocol that CAS clients can use to provide more compelling user experiences - renew, gateway, logout.

The Cutting Edge: extending CAS 3

Clustering

Clustering CAS3 for performance, for failover, and for fun.

Service Registries

Restricting CAS to only authenticate to recognized services and customizing the UI based on the service the user is trying to access.

Alternate protocol views and user attributes

A SAML ticket validation response view. Extending the ticket validation response to contain user attributes.

Appendix

The CAS Community

Wikis, email discussion lists, the Java Architectures Special Interest Group.

What makes CAS secure

Randomness of ticketness. Secure channels. Foiling the Adversary.

Protocol specification

Where to find the CAS 2 protocol specification.