Introduction
The case for SOS (Single-Sign-On-Authentication)
CAS vs LDAP vs OpenID
An overview of the CAS architecture
System components
CAS Server
CAS clients
Supported protocols
Software components
Spring MVC/Spring Webflow
Ticketing
Authentication
Building CAS as an Overlay project
Building and deploying with Gradle, Maven and Docker
Using custom and third-party source
Managing dependencies
Configuring authentication in CAS
Orchestrating authentication handlers with authentication manager
Choosing authentication handlers and schemes
Testing the default authentication scheme
Principal Resolution
Transforming the user id
Setting up "Remember Me" long-term authentication
Setting up proxy authentication
Multi-factor authentication (MFA)
Limiting failed login attempts with login throttling
Configuring an SSO session cookie
Attribute resolution and release
Principal-Id attribute: receiving authenticated userid
Attribute release policy: Releasing attributes to applications
Caching attributes: Caching resolved attributes
Encrypting attributes: Conditionally encrypting attributes
Summary and Conclusion |