Central Authentication Service (CAS) is a Single Sign-On solution for web services. CAS allows different web services to authenticate to one authoritative source of trust, as well as permitting a user to access multiple applications while providing their credentials only once. Web applications can authenticate users without having to handle private information, such as passwords. In addition to authentication, CAS is also able to assert user information for the authenticated user in the form of LDAP attributes and values.
A CAS client is required to interface with the CAS server. There are a number of CAS clients available for a wide variety of programming languages, web servers and middleware. For more information on configuring your CAS client, you can reference the Further CAS Assistance links below.
Though well adopted in Higher Education, for more universal Web Single Sign-On solution, we also offer SAML 2.0 via Shibboleth. Visit our section on Shibboleth for more information.
The University’s CAS implementation consists of three main production CAS servers in a high availability configuration. The servers have been distributed among multiple data centers to provide redundancy in the event of a disaster. The diagram below shows the server layout, as well as the basic workflow. For more detailed information on how the CAS protocol works, read the article The CAS Protocol for Application Owners.
Click on this image to view at full size.
Further CAS Assistance
- UConn Single Sign-On Integration
- The CAS Protocol for Application Owners
- Common CAS Client Configuration
Related Articles
Filter by label
There are no items with the selected labels at this time.