Difference between revisions of "Central Authentication Service - OpenKM 6.2"
(Created page with "The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their creden...") |
|||
| Line 1: | Line 1: | ||
The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that implements this protocol. | The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that implements this protocol. | ||
| + | |||
| + | First of all you should read about how CAS works. So I recommend to read these articles: | ||
| + | |||
| + | * [https://www.purdue.edu/apps/account/html/cas_presentation_20110407.pdf A detailed walk through a CAS authentication] | ||
| + | * [http://static.springsource.org/spring-security/site/docs/3.1.x/reference/cas.html Spring Security: CAS Authentication] | ||
| + | * And te mother-of-all-documentation at Spring Security 3.1 (Chapter 9). | ||
| + | |||
| + | According to the CAS documentation, it only works in secured HTTPS connections. For this reasong you need to configure HTTPS under Tomcat. Uncomment the "SSL HTTP/1.1 Connector" entry in $TOMCAT_HOME/conf/server.xml. Once you have modified it, start Tomcat and access https://localhost:8443/ to check it works fine. | ||
[[Category: Installation Guide]] | [[Category: Installation Guide]] | ||
Revision as of 09:43, 2 October 2013
The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that implements this protocol.
First of all you should read about how CAS works. So I recommend to read these articles:
- A detailed walk through a CAS authentication
- Spring Security: CAS Authentication
- And te mother-of-all-documentation at Spring Security 3.1 (Chapter 9).
According to the CAS documentation, it only works in secured HTTPS connections. For this reasong you need to configure HTTPS under Tomcat. Uncomment the "SSL HTTP/1.1 Connector" entry in $TOMCAT_HOME/conf/server.xml. Once you have modified it, start Tomcat and access https://localhost:8443/ to check it works fine.
