autenticacion authentication cas central development development.web directory ftpac id identidad identity ldap on open rails ruby securidad security service sign sign-on signon single sso todo type:reference web web_development

My tags:

From Wikipedia, the free encyclopedia

The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as userid and password) only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that implements this protocol.

Contents 1 Description 2 History 3 See also 4 External links

[edit] Description

The CAS protocol involves at least three parties: a client web browser, the web application requesting authentication, and the CAS server. It may also involve a back-end service, such as a database server, that does not have its own HTTP interface but communicates with a web application.

When the client visits an application desiring to authenticate it, the application redirects it to CAS. CAS validates the client's authenticity, usually by checking a username and password against a database (such as Kerberos or Active Directory).

If the authentication succeeds, CAS returns the client to the application, passing along a security ticket. The application then validates the ticket by contacting CAS over a secure connection and providing its own service identifier and the ticket. CAS then gives the application trusted information about whether a particular user has successfully authenticated.

CAS allows multitier authentication via proxy. A cooperating back-end service, like a database or mail server, can participate in CAS, validating the authenticity of users via information it receives from web applications. Thus, a webmail client and a webmail server can all implement CAS.

[edit] History

CAS was conceived and developed by Shawn Bayern of Yale University Technology and Planning. It was later maintained by Drew Mazurek at Yale.

CAS 1.0 implemented single-sign-on. CAS 2.0 introduced multitier proxy authentication,.

Several other CAS distributions have been developed with new features.

In December 2004, CAS became a project of the Java Architectures Special Interest Group (press release), which is as of 2008 responsible for its maintenance and development. Formerly called "Yale CAS", CAS is now also known as "JA-SIG CAS".

In December 2006, the Andrew W. Mellon Foundation awarded Yale its First Annual Mellon Award for Technology Collaboration, in the amount of $50000, for Yale's development of CAS.[1] At the time of that award CAS was in use at "hundreds of university campuses (among other beneficiaries)".

[edit] See also

• Open ID
• Shibboleth (Internet2)
• Pubcookie
• JOSSO

[edit] External links

• JA-SIG CAS Home Page
• CAS Clients and Related Documentation
• CAS 1.0 and 2.0 Protocol Specification
• CAS consumer/provider software for web2py
• RubyCAS Server and Client