From the KnowledgeBase

Title:
CAS: University Central Authentication Service for the Princeton web
Synopsis:
CAS: University Central Authentication Service for web-based applications


Solution:

The University Central Authentication Service (CAS) is a protocol for providing secure authentication for web-based applications -- one that you can trust will protect your University identity and credentials.

CAS-enabling a web application permits users to log on once and to be automatically authenticated to any other CAS-enabled application. This is also called single sign-on technology. The CAS web pages are protected by an Extended Validation SSL certificate from Verisign. The EV SSL certificate is only issued to organizations that have gone through a more rigorous screening to prove their identity.

CAS uses your Princeton University netID and password. A CAS-enabled application ensures that your security credentials are not being collected by web-based applications.

The number of CAS-enabled applications continues to increase. Here are just a few of the CAS-enabled websites and applications:

Applications will automatically re-direct you to the CAS web page to enter your credentials, or you can navigate to the CAS login page by going to www.princeton.edu/cas.

How can I identify a safe site?
You can easily identify websites that are protected with an EV SSL certificate in current versions of most browsers by "green" markers in the browser's URL bar. Below are screen shots of the CAS login page showing the "green bar" of the Extended Validation SSL Certificate in three different browsers:

Internet Explorer Example

Firefox Example

Safari Example

Information for web application developers/programmers
If you are a web application developer and would like to use CAS for authentication, you can find more information on the OIT Security and Data Protection CAS SharePoint site. There you will find information on Princeton University's CAS implementation, CAS clients for Java, PHP and .NET as well as links to the official JA-SIG CAS website. JA-SIG is the organization that maintains CAS program and CAS clients.



Last Updated:
June 25, 2014

Solution ID:
9921