User Tools

Site Tools


Central Authentication Service

About CAS

CAS is a Web single sign-on (SSO) system orginally created by Yale University. CAS uses a simple yet robust authentication protocol, the CAS protocol, which is conceptually similar to Kerberos. CAS is widely deployed and is now developed by a small, diverse development team with Apache-style support from Jasig. Virginia Tech has been using CAS since August 2005.

The following resources may be helpful in understanding CAS at a high level:

See the changelog for CAS development history at Virginia Tech.

Using VT CAS


  • Services MUST be secured by SSL/TLS
  • Services MUST be accessed by URLs containing a DNS name when requesting or validating CAS service tickets (e.g. would not be allowed to authenticate to CAS)
  • All services in the DNS namespace may use CAS without registration
  • Third party services (outside DNS namespace) MUST register to use CAS
  • All services may be subject to a security review by the security office

CAS Integration Instructions

Once your have ensured your service meets the policy and technical requirements for CAS integration, you must integrate your application using an available CAS client. The Middleware group maintains detailed CAS client integration instructions for a number of common software platforms. In any case the CAS integration process is straightforward and well documented; for a knowledgeable application developer or systems integrator integration takes no more than a couple days.

CAS Management

See management for more information.

middleware/cas.txt · Last modified: 2015/06/01 12:02 (external edit)