User Manual

5. Customization

• 5.6. UI Design and Branding — The CAS user interface is easily customized using standard Web technologies such as CSS and HTML templates.
• 5.3. Security Policy — CAS provides a number of configuration points to enforce various aspects of security policy including ticket/token expiration policy, authentication throttling, and cryptographic strength of identifiers.
• 5.5. High Availability Configuration — System configuration, CAS server configuration, and client configuration should be considered together when considering high availability deployments.
• 5.4. General Features — CAS exposes configuration points for a variety of features including SSO session behavior.
• 5.1. Configuration Management — The Maven WAR Overlay process is strongly recommended for maintaining all CAS server customizations.
• 5.2. Authentication — The CAS server authentication configuration is the most obvious and important aspect of deployment.
• 5.7. Service Management — The service management feature supports configuration of service authorization, attribute release, and SSO behavior for services that access the CAS server.

8. Troubleshooting

A general troubleshooting guide is provided as well as a FAQ with solutions to common errors/problems.

4. Installation

This chapter provides instructions for installing a functional CAS environment according to the simplest deployment scenario.

2. Architecture

The CAS architecture can be described in terms of system components including the clients and server that communicate via supported protocols.

6. Client Integration

CAS clients exist for a large number of platforms, application frameworks, and applications.

1. Introduction

CAS is a multiprotocol Web single sign-on (SSO) product composed of a single logical server component that services authentication requests from multiple clients that communicate via one or more supported protocols.

9. Upgrading

This section provides instructions for specific version upgrades.

7. Monitoring and Management

Once a functional CAS has been integrated into the enterprise, monitoring and management functions are required to ensure adequate performance and availability.

• 7.1. Logging — CAS server application logging provides essential data to support availability and performance monitoring.
• 7.3. Enterprise Monitoring Integration — CAS provides several facilities that can be leveraged for integration with enterprise monitoring systems.
• 7.2. Auditing — CAS supports a rich auditing framework that can provide queryable data to support availability and performance monitoring as well as data to support security investigations.

3. Planning and Deployment Considerations

Planning a CAS deployment requires consideration of the application and platform ecosystem, security considerations, availability, and capacity planning.

• 3.1. System Integration — Enterprise deployment planning begins with careful consideration of existing software and systems to be integrated with CAS including applications, identity management and authentication services, and other supporting enterprise services.
• 3.4. Deployment Scenarios — We present some popular deployment scenarios for CAS with commentary on availability and performance characteristics.
• 3.2. Security Considerations — CAS deployment requires consideration of enterprise security concerns such as integration with IDM software, PKI, and security policy.
• 3.3. Availability and Capacity Planning — Every enterprise deployment of CAS should be vitally concerned with availability and performance obtained through careful capacity planning.

10. Extending CAS

CAS supports extensions that provide additional functionality for special needs and environments.