Sure, you can handle it. But should you?
Let our experts manage the tech maintenance while you focus on your business.
Let our experts manage the tech maintenance while you focus on your business.
CAS Authentication with Mindbreeze
Installation and Configuration
CAS Authentication with Mindbreeze
CAS (Central Authentication Service) is an SSO (single sign-on) protocol for web applications. With CAS, the user only needs to provide their login information (user name and password) once to receive access to multiple applications. Versions 2 and 3 are supported.
Configuring CAS in Mindbreeze
You can configure CAS in Mindbreeze with the following steps:
- Add a CAS server URL
- Enable/disable CAS for single services
- Optional: Add principal attributes
The configuration is done in the "Authentication" tab.
Server URL
The server URL is entered in the section "Add New CAS Server Configuration"; click on "Add".
Enabling/Disabling CAS for single services
For Web Client Services, the use of CAS can be enabled and disabled using the checkboxes in the section "Enable / Disable CAS Authentication". For each activated client service, select the corresponding "Authenticator" in the selection box. It is important that related services have the same setting.
CAS principal attributes
All CAS principal attributes are added to the Mindbreeze Identity automatically.
Group memberships (included in Mindbreeze under “Principals”) can also be transferred directly from CAS tickets.
Note: In order to have the attributes available in CAS tickets, CAS 3 (/cas/p3) is the CAS service URL that should be used.
A comma-separated list of CAS attributes is entered into the section "Additional principal attributes"; this list of attributes is taken directly from the CAS ticket and made available as Mindbreeze Principals in the Identity.
