Skip to main content

Using Casdoor as a CAS Server

Using Casdoor as a CAS Server

Casdoor can now be used as a CAS server. It currently supports CAS 3.0.

Overview

The CAS endpoint prefix in Casdoor is <Casdoor endpoint>/cas/<organization name>/<application name>. Here is an example using the endpoint https://door.casdoor.com with an application named cas-java-app under the organization casbin:

  • /login endpoint: https://door.casdoor.com/cas/casbin/cas-java-app/login
  • /logout endpoint: https://door.casdoor.com/cas/casbin/cas-java-app/logout
  • /serviceValidate endpoint: https://door.casdoor.com/cas/casbin/cas-java-app/serviceValidate
  • /proxyValidate endpoint: https://door.casdoor.com/cas/casbin/cas-java-app/proxyValidate
  • /proxy endpoint: https://door.casdoor.com/cas/casbin/cas-java-app/proxy
  • /validate endpoint: https://door.casdoor.com/cas/casbin/cas-java-app/validate
  • /p3/serviceValidate endpoint: https://door.casdoor.com/cas/casbin/cas-java-app/p3/serviceValidate
  • /p3/proxyValidate endpoint: https://door.casdoor.com/cas/casbin/cas-java-app/p3/proxyValidate
  • /samlValidate endpoint: https://door.casdoor.com/cas/casbin/cas-java-app/samlValidate

For more information about CAS, its different versions, and parameters for these endpoints, refer to the CAS Protocol Specification.

An Example

Here is an official example GitHub Repository that contains a web app and utilizes the official CAS Java client GitHub Repository. By going through this example, you can learn how to connect to Casdoor via CAS.

note

Note: Currently, Casdoor only supports all three versions of CAS: CAS 1.0, 2.0, and 3.0.

The CAS configuration is located in src/main/webapp/WEB-INF/web.yml.

By default, this app uses CAS 3.0, which is specified by the following configurations:

<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>

If you want to protect this web app using CAS 2.0, change the CAS Validation Filter to the following:

<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>

For CAS 1.0, use the following:

<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>

For all instances of the casServerUrlPrefix parameter, change them to:

<param-name>casServerUrlPrefix</param-name>
<param-value>http://door.casdoor.com/cas/casbin/cas-java-app</param-value>

For all instances of the casServerLoginUrl parameter, change them to:

<param-name>casServerLoginUrl</param-name>
<param-value>http://door.casdoor.com/cas/casbin/cas-java-app/login</param-value>

If you need to customize more configurations, see the Java CAS client GitHub Repository for detailed information.