Академический Документы
Профессиональный Документы
Культура Документы
The Central Authentication Service (CAS) is a single sign-on protocol for the web applications. It is simple, flexible, and
extensible open source single sign-on for the enterprise applications and web pages. Single sign-on provides user
convenience, as it protects against both credential proliferation and password exposure, and centralizes the institutional
log-in experience. CAS has been deployed at universities, non-profits, non-governmental organizations, governments,
small businesses, and large corporations around the world.CAS client software can be built upon different software
libraries like MySQL, Linux, Apache HTTP Server, XML and much more.
1: Authenticates with CAS first to get the username from database MySQL or LDAP. CAS now retains the sessions and
can automatically respond to other applications with this username without the need to login again.
2: Once CAS gets the username from database, use the service ticket in your MySQL database that is assigned to you to
do a non-anonymous search to get extra access details about the user. CAS Framework is shown below:-
User Scenarios
If the user is able to access the login form ticket granting access is created, this can be checked in cas.log:=============================================================
WHO: [username: aakash]
WHAT: supplied credentials: [username: aakash]
ACTION: AUTHENTICATION_SUCCESS
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Thu Dec 04 12:14:18 EST 2014
CLIENT IP ADDRESS: 148.100.163.150
SERVER IP ADDRESS: 10.13.8.182
=============================================================
And if the credentials are wrong, i.e. authentication gets failed no ticket is generated through CAS: =============================================================
WHO: [username: aakash]
WHAT: supplied credentials: [username: aakash] error.authentication.credentials.bad
ACTION: AUTHENTICATION_FAILED
ACTION: TICKET_GRANTING_TICKET_NOT_CREATED
APPLICATION: CAS
WHEN: Thu Dec 04 12:19:14 EST 2014
CLIENT IP ADDRESS: 148.100.163.150
SERVER IP ADDRESS: 10.13.8.182
Component Diagram with States