Mindbreeze GmbH, A-4020 Linz, 2017.
All rights reserved. All hardware and software names are brand names and/or trademarks of their respective manufacturers.
These documents are strictly confidential. The submission and presentation of these documents does not confer any rights to our software, our services, and service outcomes, or other protected rights.
The dissemination, publication, or reproduction hereof is prohibited.
For ease of readability, gender differentiation has been waived. Corresponding terms and definitions apply within the meaning and intent of the equal treatment principle for both sexes.
CAS (Central Authentication Service) is an SSO (single sign-on) protocol for web applications. With CAS, the user only needs to provide their login information (user name and password) once to receive access to multiple applications.
You can configure CAS in Mindbreeze with the following steps:
The configuration is done in the "Authentication" tab.
The server URL is entered in the section "Add New CAS Server Configuration"; click on "Add".
For Web Client Services, the use of CAS can be enabled and disabled using the checkboxes in the section "Enable / Disable CAS Authentication". For each activated client service, select the corresponding "Authenticator" in the selection box. It is important that related services have the same setting.
This advanced configuration allows group memberships (included in Mindbreeze under “Principals”) to be transferred directly from CAS tickets.
Note: In order to have the attributes available in CAS tickets, CAS 3 (/cas/p3) is the CAS service URL that should be used.
A comma-separated list of CAS attributes is entered into the section "Additional principal attributes"; this list of attributes is taken directly from the CAS ticket and made available as Mindbreeze Principals in the Identity.