User Manual
- Marvin Addison
WORK IN PROGRESS
This is the starting page for the new CAS user manual. It is a work in progress and may or may not accurately describe current production versions of CAS or CAS client software. This page and its subordinates are primarily intended for editors, reviewers, and potential contributors.
6. Client Integration
CAS clients exist for a large number of platforms, application frameworks, and applications.
1. Introduction
CAS is a multiprotocol Web single sign-on (SSO) product composed of a single logical server component that services authentication requests from multiple clients that communicate via one or more supported protocols.
5. Customization
- 5.3. Security Policy — CAS provides a number of configuration points to enforce various aspects of security policy including ticket/token expiration policy, authentication throttling, and cryptographic strength of identifiers.
- 5.5. High Availability Configuration — System configuration, CAS server configuration, and client configuration should be considered together when considering high availability deployments.
- 5.4. General Features — CAS exposes configuration points for a variety of features including SSO session behavior.
- 5.6. UI Design and Branding — The CAS user interface is easily customized using standard Web technologies such as CSS and HTML templates.
- 5.1. Configuration Management — The Maven WAR Overlay process is strongly recommended for maintaining all CAS server customizations.
- 5.2. Authentication — The CAS server authentication configuration is the most obvious and important aspect of deployment.
- 5.7. Service Management — The service management feature supports configuration of service authorization, attribute release, and SSO behavior for services that access the CAS server.
9. Upgrading
This section provides instructions for specific version upgrades.
8. Troubleshooting
A general troubleshooting guide is provided as well as a FAQ with solutions to common errors/problems.
7. Monitoring and Management
Once a functional CAS has been integrated into the enterprise, monitoring and management functions are required to ensure adequate performance and availability.
- 7.1. Logging — CAS server application logging provides essential data to support availability and performance monitoring.
- 7.3. Enterprise Monitoring Integration — CAS provides several facilities that can be leveraged for integration with enterprise monitoring systems.
- 7.2. Auditing — CAS supports a rich auditing framework that can provide queryable data to support availability and performance monitoring as well as data to support security investigations.
3. Planning and Deployment Considerations
Planning a CAS deployment requires consideration of the application and platform ecosystem, security considerations, availability, and capacity planning.
- 3.1. System Integration — Enterprise deployment planning begins with careful consideration of existing software and systems to be integrated with CAS including applications, identity management and authentication services, and other supporting enterprise services.
- 3.2. Security Considerations — CAS deployment requires consideration of enterprise security concerns such as integration with IDM software, PKI, and security policy.
- 3.3. Availability and Capacity Planning — Every enterprise deployment of CAS should be vitally concerned with availability and performance obtained through careful capacity planning.
- 3.4. Deployment Scenarios — We present some popular deployment scenarios for CAS with commentary on availability and performance characteristics.
4. Installation
This chapter provides instructions for installing a functional CAS environment according to the simplest deployment scenario.
2. Architecture
The CAS architecture can be described in terms of system components including the clients and server that communicate via supported protocols.
10. Extending CAS
CAS supports extensions that provide additional functionality for special needs and environments.