CAS: Setting Up a Single-Sign-On Authentication Server Training Course

Course Code

cas

Duration

7 hours (usually 1 day including breaks)

Requirements

  • An understanding of security concepts (authentication, authorization etc.)
  • Familiarity with Linux and the command line

Overview

CAS, or Central Authentication Service, is an open-source, enterprise-level, single-sign-on protocol for the web. CAS gives users access to multiple applications using a single sign-on and allows web applications to authenticate users without giving them access to user passwords. CAS has a Java server component and various client libraries written in PHP, PL/SQL, Java, and more.

In this course, we discuss CAS's architecture and features and practice installing and configuring a CAS server. By the end of the course, participants will have an understanding of CAS's implementation of SSO (Single-Sign-On Authentication) as well as the necessary practice to deploy and manage their own authentication server.

Audience

  • System administrators

Format of the course

  • Part lecture, part discussion, heavy hands-on practice

Course Outline

Introduction

  • The case for SOS (Single-Sign-On-Authentication)
  • CAS vs LDAP vs OpenID

An overview of the CAS architecture

  • System components
  • CAS Server
  • CAS clients
  • Supported protocols
  • Software components
    • Spring MVC/Spring Webflow
    • Ticketing
    • Authentication

Building CAS as an Overlay project

  • Building and deploying with Gradle, Maven and Docker
  • Using custom and third-party source
  • Managing dependencies

Configuring authentication in CAS

  • Orchestrating authentication handlers with authentication manager
  • Choosing authentication handlers and schemes
  • Testing the default authentication scheme
  • Principal Resolution
  • Transforming the user id
  • Setting up "Remember Me" long-term authentication
  • Setting up proxy authentication
  • Multi-factor authentication (MFA)
  • Limiting failed login attempts with login throttling
  • Configuring an SSO session cookie

Attribute resolution and release

  • Principal-Id attribute: receiving authenticated userid
  • Attribute release policy: Releasing attributes to applications
  • Caching attributes: Caching resolved attributes
  • Encrypting attributes: Conditionally encrypting attributes

Summary and Conclusion

Testimonials

★★★★★
★★★★★

Course Discounts Newsletter

We respect the privacy of your email address. We will not pass on or sell your address to others.
You can always change your preferences or unsubscribe completely.

Some of our clients

is growing fast!

We are looking to expand our presence in Jordan!

As a Business Development Manager you will:

  • expand business in Jordan
  • recruit local talent (sales, agents, trainers, consultants)
  • recruit local trainers and consultants

We offer:

  • Artificial Intelligence and Big Data systems to support your local operation
  • high-tech automation
  • continuously upgraded course catalogue and content
  • good fun in international team

If you are interested in running a high-tech, high-quality training and consulting business.

Apply now!