Central Authentication Service (CAS)Central Authentication Service (CAS)
What is Central Authentication Service (CAS)?
From Wikipedia (Central Authentication Service):
The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that implements this protocol.
Georgia Tech implements the CAS service to allow campus members to easily log into campus websites using their GT Account Username and associated password. However, for a website to utilize CAS, it must be set up correctly, which usually means adding a module, plugin, or library, and configuring it to work with Georgia Tech's CAS servers.
- Setting up CAS for Drupal 7 - Georgia Tech Drupal Article
- Setting up CAS for Drupal 8 - Coming Soon
- Setting up CAS for WordPress - Coming Soon
- Setting up CAS for a stand-alone PHP application
- Setting up CAS for a static website on OIT Web Hosting - OIT FAQ Article
CAS and Stand-Alone PHP ApplicationsCAS and Stand-Alone PHP Applications
The most common approach for adding Central Authentication Service (CAS) support to a custom stand-alone PHP application is through the phpCAS Library. As of mid 2017, the most recent version was phpCAS 1.3.5. Note: If you are using an earlier version you should upgrade as soon as possible to obtain the latest security patches.
The basic approach to using the library is to unpack it into a subdirectory of your application, require the library's main file, then add the appropriate calls to it before you application does anything that requires the user's identity to be known. It is preferable to store the user's identity in a session cookie for later accesses, so that you are not authenticating the user against the CAS server on every single page access.
Note: You would not utilize phpCAS in this manner if you are wanting to add CAS authentication to most content management systems (CMSs), such as Drupal or WordPress. Instead, you should look for a CAS module or plugin for your particular CMS, and use it. These modules and plugins are designed to integrate CAS into the CMS's user management system to give you proper security and a good end user experience. Not every CMS will have a CAS module, but most of the popular CMS's will. If you can't find a CAS module for the CMS you are using, you could look at it's module/plugin API and see if you can write your own module or plugin to integrate phpCAS, but this requires a fairly advanced knowledge of PHP programming, the CMS in question, and the CAS protocol.