Premium Feature — Available in the Professional, Professional Plus, and Enterprise Editions. Learn more or contact LabKey
Apereo Central Authentication Service (CAS) is an open-source authentication server that lets a user sign on to multiple applications while providing their credentials only once to a centralized CAS Server. Enabling CAS authentication lets LabKey Server authenticate users using a CAS server, without users providing their credentials directly to LabKey Server. CAS integration currently supports
CAS Protocol 3.0 and requires an email attribute returned in the validation response XML.
Enable CAS Single Sign On
To enable CAS single sign on:
- Select Admin > Site > Admin Console.
- On the Site Administration page, click Authentication.
- On the Authentication page, next to CAS, click Enable.
To complete the setup for CAS single sign on authentication, you need to provide a
URL to a pre-existing CAS server and
sign on logos. These steps are described below.
Specify a CAS Server
To specify a CAS single sign on server:
- If you are not still on the authentication page, select Admin > Site > Admin Console and click Authentication.
- On the Authentication page, next to CAS, click Configure.
- Next to Apereo CAS Server URL, enter a pre-existing CAS server. The URL should end with "/cas"
- Click Save.
Single Sign On Logo
The logos, which can be displayed on either the header area or on the login page, signals to users that single sign on is available. When the logo is clicked, LabKey Server will attempt to authenticate the user against the CAS server.
To upload logos:
- If you are not still on the authentication page, select Admin > Site > Admin Console and click Authentication.
- On the Authentication page, next to CAS, click Pick Logos.
- Click Choose File to upload header and login page logos.
- Click Save.
Click
Done when you have completed CAS configuration.
