What Is Proxy Server Authentication?
Centralized Authentication Service ( CAS ) is a single sign-on protocol for the World Wide Web. Its purpose is to allow a user to access multiple applications without providing credentials (such as a username and password) once. It also allows web applications to authenticate users without obtaining their security credentials, such as a password. "CAS" also refers to a software package that implements the protocol.
- The CAS protocol involves at least three aspects: the client Web browser, the authentication of Web application requests, and the CAS server . It may also involve a background service (such as a database server) that does not have its own HTTP interface, but communicates with a web application.
- When the client accesses the application and requests authentication, the application is redirected to the CAS. CAS verifies that the client is authorized, usually by checking the username and password in the database (for example
- CAS is made of
- The Apereo CAS server, which is now the CAS protocol reference implementation, supports the following features:
- CAS v1, v2 and v3 protocols
- SAMLv1 and v2 protocols
- OAuth protocol
- OpenID and OpenID connection protocol
- WS-Federation Passive Requester Protocol
- Authentication through JAAS, LDAP, RDBMS, X.509, Radius, SPNEGO, JWT, Remote, Trusted, BASIC, Apache Shiro, MongoDB, Pac4J, etc.
- Authorized to WS-FED, Facebook, Twitter, SAML IdP, OpenID, OpenID Connect, CAS, etc.
- Authorized via ABAC, time / date, REST, grouper for Internet2 and more.
- HA cluster deployment through Hazelcast, Ehcache, JPA, Memcached, Apache Ignite, MongoDB, Redis, Couchbase, etc.
- Application registration is supported by JSON, LDAP, YAML, JPA, Couchbase, MongoDB, etc.
- Multi-factor authentication via Duo Security, YubiKey, RSA, Google Authenticator, etc.
- Management user interface to manage logging, monitoring, statistics, configuration, client registration, etc.
- Global and per-application user interface themes and brands.
- Password management and password policy enforcement. [2]