Central Authentication Service
Central Authentication Service (CAS)
CAS is the official single sign-on (SSO) authentication service standard for all web-based applications locally hosted at Rutgers University. It is both an authentication mechanism and an enterprise single sign-on server. Applications that utilize CAS all participate in the same single sign-on session, meaning that once a user successfully authenticates with CAS, they won’t be prompted again for the duration of the session. In addition, CAS allows an application to see who authenticated, but protects the user’s password from individual applications, allowing for a much more secure computing environment.
Why use CAS?
There are numerous benefits to delegating authentication for your application to CAS:
Simplified development as there are numerous CAS client libraries available.
Increased security as client applications never see the password. A compromised client does not compromise the other applications.
Independence from the authentication mechanism. You won’t need to care if certificates, passwords, Safeword, etc. are used to authenticate.
Enhanced user experience as users are provided with a unified view of authentication.
Web service interface for application-to-application authentication.
Consistent and proper handling of credentials is ensured.