Fork me on GitHub

Module mylutece cas

Introduction

This module provides to the users an authentication with the CAS SSSO.

Prerequisites

In order to follow this tutorial, a knowledge of SSO and in particular of the CAS solution is needed.

Definition of SSO

The SSO (Single Sign On) is a method allowing a user to proceed with only one authentication to access several protected applications

Overview of authentication with CAS

Introduction

CAS means "Central Authentication Service". This SSO System is developed by the Yale University.

CAS is based on exchange of tickets between the client browser, the authentication server and the protected application.

The following schema illustrates how the CAS server manages the SSO authentication.

                1 : The client requests the protected application
                2 : The client is redirected by the application towards the CAS server
                3 : After the client authentication on CAS, it delivers a ticket and redirects the client towards the application
                4 : The application reads the ticket and verifies it on CAS. 
                

Deployment of a Lutece application protected by CAS module

The procedure to deploy an application protected by CAS is the following one :
  • deployment of the plugin mylutece and the module CAS in the application
  • setting of the module CAS : the mylutece-cas.role.name role defines in the properties file of the plugin makes it possible to restrict the access to the pages having this role to the users authenticated with CAS.
  • setting of the server CAS (cf documentation on CAS))