Central Authentication Service (CAS)

Numerous password prompts and different credentials required for each system have created the need for institutions and organizations to adopt a secure Web single sign-on authentication process. Single sign-on provides user convenience, as it protects against both credential proliferation and password exposure, and centralizes the log-in experience.  The open source Apereo Central Authentication Service (CAS) creates a secure way for users to access multiple services with an enterprise single sign-on. CAS has gained wide adoption within higher education institutions and corporations for enterprise authentication.

What is CAS?
CAS is an authentication system originally created by Yale University to provide a trusted way for an application to authenticate a user. It is built on open standards to integrate with many applications and systems. CAS became a Jasig (now Apereo) project in December 2004. CAS provides enterprise single sign on service and is an open and well-documented protocol, an open-source Java server component, a library of clients for Java, .Net, PHP, Perl, Apache, uPortal, and others, integrates with uPortal, BlueSocket, TikiWiki, Mule, Liferay, Moodle and others, offers community documentation and implementation support, and includes an extensive community of adopters.

Whatever the goal of the CAS deployment, Unicon can provide the expertise required to give the confidence that comes with a professional implementation. Please read about Unicon’s services for CAS, in the tabs below.

Associated Services for CAS

CONSULTING SERVICES FOR CAS

CAS is an integral application of the broader identity and access management (IAM) infrastructure. Implementing a sound IAM infrastructure begins with Web single sign-on integration consulting. Unicon offers integration consulting to assist with conversion of applications on a variety of Web platforms to use CAS for authentication. Unicon can also assist in navigating several available options for load balancing and clustering of the CAS server software and executing the approach that will best meet performance, security, and reliability needs.

Consulting services are available to assist in taking full advantage of the powerful CAS proxy authentication technology, which is especially valuable in portals and Web email solutions.

Evaluation
Whether an institution or organization is in the process of implementing, updating, or maintaining CAS, assessing and evaluating options can impact the success of the WebSSO program. Unicon understands the importance of documenting goals, needs, and wants, and offers an evaluation service to institutions and organizations.

The evaluation service is a first-step for providing a snap-shot of where the institution or organization is or to help clarify a need for CAS. An evaluation session can determine and prioritize the conditions and needs required for a new implementation, update, or customization to an existing CAS instance. Unicon’s evaluation service includes surveys, reporting, and analysis, all helping institutions and organizations decide their business needs. Unicon also provides best practices for evaluation based on functionality, finances, support/maintenance, performance, usability, and security.

Mentoring
Mentorship assists in knowledge transfer to grow client’s expertise in CAS-integrating applications and in developing for and maintaining a CAS server. General CAS mentorship affords institutions and organizations access to a Unicon developer/ consultant experienced in working with CAS. Consultants are made available to assist and mentor staff.

Types of mentoring activities include: answering questions, helping staff execute on CAS development, providing guidance on CAS configuration tasks, performing research and producing documentation as requested up to the agreed amount of hours. Mentorship assists in knowledge transfer to grow an institution’s or organization’s staff expertise in the development of CAS and for maintaining the CAS instance.

Return to the article listing page

CUSTOMIZATION FOR CAS

Unicon offers custom development services that design and deliver CAS plug-ins and modifications, adjust credential validation, or change the log in flow. Unicon offers software engineering expertise, to customize CAS to meet the needs of the client. For the enterprise-minded, CAS includes multiple options for high-availability clustered deployments, optionally relying upon database-backed and distributed in-memory cache solutions for sharing state across CAS server instances. CAS supports audit and even restriction of who is accessing which service. Whatever the goal of a CAS deployment, Unicon can provide the expertise required to give clients the confidence that comes with a professional implementation.

Return to the article listing page

Systems Integration Services for CAS

CAS is an open source authentication solution that provides a trusted way for an application to authenticate a user through single sign-on. CAS is a valuable part of an institution’s or organization’s identity and access management strategy. An enterprise Web single sign-on solution is only valuable when applications make use of it, so Unicon offers a systems integration service to assist with conversion of applications to use CAS for authentication.

Unicon can help install CAS into a specific client application. Two applications Unicon has extensive experience installing CAS into are open source solutions uPortal and Sakai. Unicon’s “CASification” service begins with an initial analysis phase during which the Technical Consultant determines which client applications should be or can be “CASified.” Once this initial analysis phase is complete Unicon’s team of experienced consultants will install CAS in the application within the client environment.

Expertise is required to successfully employ a new authentication service across multiple applications. Unicon has demonstrated its CAS expertise for numerous projects, including integrating CAS with open source software such as uPortal and Horde IMP (exercising CAS proxy authentication features), as well as integrations with proprietary applications including CommunigatePro and PeopleSoft.

Return to the article listing page

SOLUTION DELIVERY FOR CAS

It takes skill and expertise to install CAS in a well-defined, usable manner. Unicon has extensive experience deploying CAS. Unicon has developed best practices to help facilitate a successful, stable implementation for clients. Unicon’s expert Project Managers guide clients through each phase of implementation, from brainstorming and planning to maintenance and support. While each of these services may be purchased separately, investing in the full package is ideal to avoid common pitfalls and ensure a seamless execution.

A successful deployment depends on taking advantage of the complete set of services listed below.

Return to the article listing page

SUPPORT FOR CAS

Protect the investment in CAS and gain all of the advantages of this open source software designed specifically for institutions and organizations plus top-quality, professional support from a commercial vendor. Unicon’s Open Source Support program is SLA-driven and backed by an accountable team of open source experts. Take advantage of a flexible, customizable open source support service with direct access to dedicated developers, consultants, and system administrators each possessing deep experience within the select open source projects. Get the backing of technical expertise and professional service all at an affordable price.

Support for CAS can also be found through the Apereo community resources, which include:

  • Free access to all maintenance releases and bug fixes
  • Free access to all security notifications
  • Free access to CAS email lists
  • Free access to community calls, demonstrations, and roadmaps
Return to the article listing page

OTHER SERVICES FOR CAS

Hosting
Unicon can host an institution’s or organization’s instance of CAS. Unicon’s hosting service is designed to maximize productivity, performance, and security, with a state-of-the-art data center and a team of experienced service delivery veterans.

Upgrades
As the open source community continues to make enhancements and adjustments to CAS, new versions are released. These upgrades can be difficult for institutions or organizations to complete without a strong commercial vendor. Unicon’s services offer an ease of migration to the newest release of CAS.

Prior to upgrade, Unicon recommends a thorough review of the client's environment, to determine the scope of the upgrade based on the extent of customization. Services can include integration of existing configuration and/or customizations in one or more client environments.

User Experience
Unicon offers a user experience service to help institutions and organizations deliver a polished, visually appealing application that follows the key principles of user experience design: useful, useable, desirable, findable, accessible, credible, and valuable.

Return to the article listing page
History of CAS

CAS 1.0 was originally developed by Yale University as an easy-to-use single sign-on for the web, and consisted of servlets and JSP pages. Later, Yale introduced its second version, CAS 2.0 that included proxy authentication and was developed for a large user community. In 2004, CAS became a Jasig project. Together with Yale and Rutgers, Jasig produced the open source CAS 3.0 with the goal of making CAS flexible and extendable to meet the varying requirements of other institutions. Today, CAS has proved itself as a trusted intermediary as universities and colleges worldwide have adopted CAS as their authentication service.