5 reasons why CAS Support is now included with Jadu Continuum platform

Jadu Platform can use any kind of authentication service - but we've created some neat integration with CAS which will really help our customers in Higher Education.

CAS

A change in the matrix.

We've just released Jadu Continuum CMS #18 - the latest iterative release of Jadu CMS with a powerful, under the bonnet feature. Developers can now integrate any CAS enabled service or app with Jadu Platform to enable Single Sign On. That sounds pretty dull for most users, but actually, it's incredibly useful. Imagine replacing Internet, Intranet and Portal solutions - for one single system! The Website.

As a basic introduction to CAS and how these changes under the hood of the Jadu Continuum platform could benefit both your customers and organization - here are 5 reasons we made this change:

 

1. CAS is awesome.

CAS stands for Central Authentication Service. At it's simplest level, it is a standards based, Web Single Sign On (SSO) solution. Originally developed by Yale University back in the early 2k's, it has since been made an open source project that is currently managed by the Apereo foundation.

Organizations' generally have many disparate web applications that their employees or customers sign into on a regular basis, whether that's CMS, CRM, LMS etc. The main principle behind CAS is that you have one central and trusted login screen that is ideally used by all of these CAS enabled web applications. The customer or employee will go to sign into the first CAS enabled web application of the day and will as a result be directed to the central CAS login screen. The individual will then input their credentials into this trusted page and submit them, this will in turn authenticate the credentials supplied against the relevant back office identity management solution (e.g. LDAP), and then return the user back to where they initially wished to sign in from. The now signed in user does not need to manually re-sign into the other CAS enabled web applications within their session, this is all handled for you automatically and behind the scenes (by the relevant CAS clients and the CAS server) when visiting each of the individual web applications.

2. CAS is useful to the enterprise web.

There are a number of benefits that can now be realized from this integration within the Jadu Continuum platform. The primary reason (IMHO) is that of security around an end user's login credentials.

Different applications with their own individual login screens could mean that customer credentials are either locally stored directly in these applications or still pass through the applications login screen. One central identity solution with which the applications are integrated can initially improve this position slightly for your customers (for example the implementation of LDAP) so that they do not need to remember different logins for each application (or worse re-use those same credentials across the applications), but then each application is still using/touching the end user's password from within their own login screens. If one of these applications were then to be compromised, then it becomes feasible for it be used to collect user credentials that are then used to login to all the other applications. Therefore, all applications become only as strong as the weakest link. CAS provides one single and trusted login screen (the only screen to then need to input these credentials to), which then brokers the authentication to all the CASified applications as and when they are visited. If an application were then to be breached in some way, then at least the end user's login credentials are not able to be collected or analyzed from here as none of the applications ever see these.

The earlier introduction of the single identity store also means that internal IT teams can then more simply manage common user support issues such as password resets and account lockouts, whilst enforcing password security policies from one central location.

CAS provides other opportunities such as support for utilizing other standards such as OpenID and SAML where this might be of interest to your own organization's needs.

A powerful side effect of this solution is that it then provides a basis from which the applications can then gather and understand more about who the signed in user is and begin to personalize that user experience to be about them and their roles. This could be to promote specific areas of content relevant to them, provide additional access control measures, prefill personal details within online forms from a single source of truth internal record and so on.

3. CAS can enable authenticated personalization: a single destination for everything 

dickinson college CASWorking closely with Dickinson College during their implementation, there was always the vision to replace multiple point solutions with a single platform for the overall benefit of the student experience. The separate website, CMS, Portal and Mobile solutions were all consolidated down into a single Jadu powered platform solution. At the foundations of this work was the integration with the organization's existing CAS server infrastructure. Additional work was put in to pull in student and faculty user roles, which were then used to personalize the overall experience of the site around that user, such as displaying additional / relevant navigation and content. See more information within the Dickinson College case study.

4. CAS has huge benefits.

People will generally have different agendas and interests with the introduction of CAS to Jadu and the organization wide change that this can bring as a whole, but for me this capability increases the overall security of an organization's available web applications and in turn their customer's login credentials for these, which is of paramount importance in todays web enabled way of life.

For an organization's customers' though, they see an immediate ease of use benefit from only needing to remember a single set of logon credentials, and they only need to login once to access all of the organization's CAS enabled web applications. Hoorah many will shout I am sure! :)

5. You can start using it today. It's open source.

Jadu has now been "CASified" under the hood the front end user sign in process so that it can be enabled to utilise an existing CAS Server implementation where this is available within your organization's internal infrastructure. For existing customers' there are a few things that will need to be done manually to enable CAS authentication within your Jadu Continuum implementation. This broadly boils down to setting up a few basic configuration settings (such as the CAS server URL) and then tweaking some of your existing front end templates to utilise our new front end CAS Authentciation adapter. More detailed guidance on enabling CAS support available from Continuum #18 is available should you be interested in doing this yourselves.

If you would like more information about CAS and how you can implement this within your organization, then please see the CAS project pages on the Apereo foundation site.

 

Learn more about Jadu, Higher Education and our portal, forms and web CMS case studies - or get in touch if you would like to know more.

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.

There is no response to “5 reasons why CAS Support is now included with Jadu Continuum platform”

Share this post

About

The official Jadu Blog (a peek inside). The musings and magic of the Jadu team and log of new web apps, customer super hero stories and mobile web marvels.

Recent posts

Archives

Tags