Central Authentication Service

Central Authentication Service

The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to log into multiple applications simultaneously and automatically. It also allows untrusted web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name "CAS" also refers to a software package that implements this protocol.

Description

The CAS protocol involves at least three parties: a "client" web browser, the web "application" requesting authentication, and the "CAS server". It may also involve a "back-end service", such as a database server, that does not have its own HTTP interface but communicates with a web application.

When the client visits an application desiring to authenticate it, the application redirects it to CAS. CAS validates the client's authenticity, usually by checking a username and password against a database (such as Kerberos or Active Directory).

If the authentication succeeds, CAS returns the client to the application, passing along a security ticket. The application then validates the ticket by contacting CAS over a secure connection and providing its own service identifier and the ticket. CAS then gives the application trusted information about whether a particular user has successfully authenticated.

CAS allows multitier authentication via proxy. A cooperating "back-end" service, like a database or mail server, can participate in CAS, validating the authenticity of users via information it receives from web applications. Thus, a webmail client and a webmail server can all implement CAS.

History

CAS was conceived and developed by Shawn Bayern of Yale University [http://www.yale.edu/its/tp/ Technology and Planning] . It was later maintained by Drew Mazurek at Yale.

CAS 1.0 implemented single-sign-on. CAS 2.0 introduced multitier proxy authentication,.

Several other CAS distributions have been developed with new features.

In December 2004, CAS became a project of the Java Architectures Special Interest Group ( [http://www.ja-sig.org/cas-press-release.html press release] ), which is as of 2008 responsible for its maintenance and development. Formerly called "Yale CAS", CAS is now also known as "JA-SIG CAS".

In December 2006, the Andrew W. Mellon Foundation awarded Yale its First Annual Mellon Award for Technology Collaboration, in the amount of $50000, for Yale's development of CAS. [http://rit.mellon.org/awards/matcpressrelease.pdf/] At the time of that award CAS was in use at "hundreds of university campuses (among other beneficiaries)".

See also

* Open ID
* Shibboleth (Internet2)

External links

* [http://www.ja-sig.org/products/cas/ JA-SIG CAS Home Page] (http://www.ja-sig.org/wiki/display/CASC/Navigation)
* [http://developer.ja-sig.org/projects/cas/ CAS nightly Maven build]
* [https://mdp.cti.depaul.edu/cas CAS consumer/provider software] for [http://www.web2py.com web2py]
* [http://code.google.com/p/rubycas-server/ RubyCAS Server and Client]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Central Authentication Service — (CAS) ist ein föderiertes Identitätsmanagement, welches ursprünglich von der Yale Universität entwickelt wurde. Mittlerweile ist CAS ein Projekt des JA SIG Konsortiums, welches zum Ziel hat, Universitäten und andere höhere Bildungsinstitute zu… …   Deutsch Wikipedia

  • Central Authentication Service — Le Central Authentication Service (CAS) est un système d authentification unique (SSO) pour le web développé par l Université Yale, partenaire majeur dans le développement de uPortal. Ce logiciel est implanté dans plusieurs universités et… …   Wikipédia en Français

  • WLAN Authentication and Privacy Infrastructure — WAPI (WLAN Authentication and Privacy Infrastructure) is a Chinese National Standard for Wireless LAN (GB 15629.11 2003).Although it was allegedly designed to operate on top of WiFi, compatibility with the security protocol used by the 802.11… …   Wikipedia

  • Service-oriented architecture implementation framework — Service oriented architectures (SOA) are based on the notion of software services, which are high level software components that include web services. Implementation of an SOA requires tools as well as run time infrastructure software. This is… …   Wikipedia

  • Central Drug Research Institute — The Central Drug Research Institute (CDRI) is one of the first laboratories to be established in India right after its independence. CDRI is among the thirty nine laboratories that are functioning under the aegis of the council of scientific and… …   Wikipedia

  • Service delivery platform — The term Service Delivery Platform (SDP) usually refers to a set of components that provide a service’s delivery architecture (such as service creation, session control protocols) for a type of service. There is no standard definition of SDP in… …   Wikipedia

  • Directory service — A directory service is the software system that stores, organizes and provides access to information in a directory. In software engineering, a directory is a map between names and values. It allows the lookup of values given a name, similar to a …   Wikipedia

  • Two-factor authentication — (TFA, T FA or 2FA) is an approach to authentication which requires the presentation of two different kinds of evidence that someone is who they say they are. It is a part of the broader family of multi factor authentication, which is a defense in …   Wikipedia

  • Network Information Service — The Network Information Service, or NIS (originally called Yellow Pages or YP) is a client–server directory service protocol for distributing system configuration data such as user and host names between computers on a computer network. Sun… …   Wikipedia

  • George W. Bush military service controversy — The George W. Bush military service controversy was an issue in the 2000 presidential campaign and in the 2004 presidential campaign. The controversy centered on questions of how George W. Bush, who would later become the 43rd President of the… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”