Central Authentication Service (CAS)

Central Authentication Service (CAS) is a Single Sign-On solution for web services. CAS allows different web services to authenticate to one authoritative source of trust, as well as permitting a user to access multiple applications while providing their credentials only once. Web applications can authenticate users without having to handle private information, such as passwords. In addition to authentication, CAS is also able to assert user information for the authenticated user in the form of LDAP attributes and values.

A CAS client is required to interface with the CAS server. There are a number of CAS clients available for a wide variety of programming languages, web servers, and middleware. For more information on configuring your CAS client, you can reference the Further CAS Assistance links below.

The University’s CAS implementation consists of 4 main production CAS servers in a high availability configuration. The servers have been distributed among multiple data centers to provide redundancy in the event of a disaster. The diagram below shows the server layout, as well as the basic workflow. For more detailed information on how the CAS protocol works, see The CAS Protocol for Application Owners.

Click on this image to view it at full size.

Further CAS Assistance

Page:

Switching from Text to the Duo Mobile App
Page:

Switching from Google Sign-in to Email and Password Log-in
Page:

Security Keys for the 2FA Service
Page:

Impact of 2FA on Microsoft 365 and Email
Page:

Using 2FA through Remote Desktop
Page:

Setting up a Mobile Phone for 2FA
Page:

Logging in with 2FA
Page:

Setting Up 2FA on a Device
Page:

IT Guide to Telecommuting
Page:

Add a Backup 2FA Device

Further CAS Assistance

Related Articles