The term Central Authentication Service (CAS) largely explains itself. "Central" means that it acts as a center providing the service for many applications. "Authentication" concerns security in applications. So I guess the term is not that hard to grasp. As a clear-cut definition, CAS is a single sign-on protocol for the web. The name is also used for the software packages that implement this protocol. As mentioned above, the task of a Central Authentication Service is to provide a central authentication facility to users accessing a set of web applications. This way, users do not have to provide their security credentials (username and password) each time they access a different web application. They are authenticated only once, which makes it easier for them to use the applications.
So how does this authentication happen? Once the user provides a username and password in the application, the application redirects this information to CAS. CAS checks the information against the database to determine whether it belongs to a valid user. If the user is authenticated, CAS sends a security ticket to the application. The application then validates this security ticket with CAS over a secure channel, providing CAS with its own service identifier and the received ticket. Only then does CAS tell the application whether the client was successfully authenticated. When the authentication process is over, the user can easily navigate to other applications as well. The whole process under the CAS protocol thus involves the client's web browser, the web application, and the CAS server.
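The ticket validation step described above, as an added example that is not part of the original post: the application builds the back-channel request carrying its service identifier and the ticket, then accepts the user only if the CAS reply contains an explicit success element. It uses the CAS protocol's `/serviceValidate` endpoint and XML response format; the host names, ticket value and sample responses are constructed.

```python
# Added example: service-side validation of a CAS service ticket.
# Host names, ticket values and sample responses below are constructed.
from urllib.parse import urlencode, urlsplit
import xml.etree.ElementTree as ET

CAS_NS = {"cas": "http://www.yale.edu/tp/cas"}  # namespace of CAS XML replies


def build_validate_url(cas_base, service, ticket):
    """URL the application requests back-channel to check a ticket."""
    if urlsplit(cas_base).scheme != "https":
        raise ValueError("CAS validation must use a secure channel (https)")
    # The service identifier must match the one the ticket was issued for.
    query = urlencode({"service": service, "ticket": ticket})
    return f"{cas_base.rstrip('/')}/serviceValidate?{query}"


def parse_validation(xml_text):
    """Return (True, username) on success, (False, error_code) otherwise."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return False, "UNEXPECTED_DTD"  # a CAS reply never needs a DTD
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return False, "MALFORMED_RESPONSE"
    # Fail closed: only an explicit success element with a user counts.
    user = root.find("cas:authenticationSuccess/cas:user", CAS_NS)
    if user is not None and user.text and user.text.strip():
        return True, user.text.strip()
    failure = root.find("cas:authenticationFailure", CAS_NS)
    code = failure.get("code") if failure is not None else None
    return False, code or "NO_SUCCESS_ELEMENT"


SAMPLE_OK = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess><cas:user>alice</cas:user></cas:authenticationSuccess>
</cas:serviceResponse>"""

SAMPLE_FAIL = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationFailure code="INVALID_TICKET">Ticket not recognized</cas:authenticationFailure>
</cas:serviceResponse>"""

if __name__ == "__main__":
    print(build_validate_url("https://cas.example.org/cas",
                             "https://app.example.org/login", "ST-1-constructed"))
    print(parse_validation(SAMPLE_OK))
    print(parse_validation(SAMPLE_FAIL))
```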
Today this process has become the newest method for easy authentication across multiple applications. For example, mobile operators can give subscribers easy and secure access to various third-party applications through this method.