CAS Enterprise Single Sign-On
Welcome to the home of the Apereo Central Authentication Service project, more commonly referred to as CAS. CAS is an enterprise multilingual single sign-on solution for the web and attempts to be a comprehensive platform for your authentication and authorization needs.
CAS is an open and well-documented authentication protocol. The primary implementation of the protocol is an open-source Java server component by the same name hosted here, with support for a plethora of additional authentication protocols and features.
The following items include a summary of features and technologies presented by the CAS project:
- Spring Webflow/Spring Boot Java server component.
- Pluggable authentication support (LDAP, Database, X.509, SPNEGO, JAAS, JWT, RADIUS, MongoDb, etc)
- Support for multiple protocols (CAS, SAML, WS-Federation, OAuth2, OpenID, OpenID Connect, REST)
- Support for multifactor authentication via a variety of providers (Duo Security, FIDO U2F, YubiKey, Google Authenticator, Authy, Acceptto, etc.)
- Support for delegated authentication to external providers such as ADFS, Facebook, Twitter, SAML2 IdPs, etc.
- Support for attribute release including user consent.
- Monitor and track application behavior, statistics and logs in real time.
- Manage and register client applications and services with specific authentication policies.
- Cross-platform client support (Java, .Net, PHP, Perl, Apache, etc).
- Integrations with InCommon, Box, Office365, ServiceNow, Salesforce, Workday, WebAdvisor, Drupal, Blackboard, Moodle, Google Apps, etc.
To learn how to contribute to the project, please see this guide.
We recommend reading the following documentation in order to plan and execute a CAS deployment.
CAS development is powered by the following tools, projects and services.