Rensselaer is working toward discontinuing the CAS service. Any new Single Sign On requests will be directed to use Shibboleth which is a SAML2 Identity Provider. Please still submit a ticket and more information will be provided there.
An option for protecting an application/service/project behind Rensselaer's authentication systems is to use the CAS protocol. Rensselaer hosts and maintains a CAS server located at https://cas.auth.rpi.edu.
This service has the option to provide MFA through Duo as well.
In order to implement the CAS protocol it is recommended that you utilize one of the CAS Client libraries. The supported libraries can be found through the CAS Wiki: https://apereo.github.io/cas.
There are requirements in order to utilize Rensselaer's CAS service:
- The application/service/project must be secured with SSL/TLS.
- A ticket needs to be submitted to ITSSC: https://itssc.rpi.edu/hc/en-us. The following must be included in the body ticket:
- The application/service/project URL that will be used
- The email address of the for this application/project/service, including but not limited to, technical, owner and or administrative contacts.
- If there is a dev/test environment please include the service URLs for those as well
The endpoints for Rensselaer's CAS service are the following:
- Login: https://cas.auth.rpi.edu/cas/login
- Validate: https://cas.auth.rpi.edu/cas/serviceValidate
- casServerUrlPrefix: https://cas.auth.rpi.edu/cas
- Logout: https://cas.auth.rpi.edu/cas/logout
Comments
0 comments
Please sign in to leave a comment.